Update AbstractEndpoint so that the `enable` property is optional and
when it not specified the `endpoints.enabled` property will be used.
This allows users to switch the way that endpoints are enabled. Rather
than opting-out specific endpoint enablement the `endpoints.enabled`
property can be set to `false` and specific endpoints can be opted-in.
Fixes gh-2102
Since AbstractHandlerMethodMapping.getHandlerMap() is final it can't
be cglibbed and a proxy will barf if you try and call that method.
The RequestMappingEndpoint can be protected simply by defensively
checking if the mapping is a proxy before trying to inspect it.
Drop the setAdditionalProperties method from ShellProperties to ensure
that it is not included in the meta-data JSON. The additional properties
are usually wired in using @Autowired and it is pretty unlikely that
anyone is using the setter directly.
Fixes gh-2055
Shares the /health endpoint request mapping between security config
and MVC dispatcher. Generalizes so that instead of a marker
interface (AnonymouslyAccessibleMvcEndpoint), an MvcEndpoint
signals that it wants to control its own access rules by adding
a Principal to the @RequestMapping method parameters (more @MVC).
Fixes gh-2015 slightly differently
The changes in 3bb598a overload the health endpoint's sensitive
property such that it's now considered sensitive if management
security is enabled. When an endpoint is sensitive anonymous
access is prevented. This breaks the health endpoint which should
return a filtered view of the server's health when it's accessed
anonymously rather than rejecting the request.
This commit introduces AnonymouslyAccessibleMvcEndpoint, a marker
extension of the MvcEndpoint interface. It is implemented by
HealthMvcEndpoint. ManagementSecurityAutoConfiguration has been
updated to allow anonymous access to endpoints that aren't sensitive
or that implement AnonymouslyAccessibleMvcEndpoint.
Fixes gh-2015
Set the field javadoc of many properties that are managed via
configuration so that the "description" field is available in the
meta-data.
Closes gh-1808
before checking isEnabled(). It is explicitly constructed as null
in ManagementServerProperties to prevent class not found errors
at runtime when Security is not on the classpath.
Fixes gh-2003, fixes gh-2004
Spring MVC drives the postHandle method on any interceptors after the
response has been sent to the client. This meant that there was a
race between the test receiving the response and asserting that the
interceptor had been driven and Spring MVC driving the interceptor.
This commit updates the interceptor to use a CountDownLatch to track
whether or not it's been called. The test now waits for up to 30
seconds for the latch to be decremented.
Closes gh-1997
By default, when /health is accessed anonymously, the details are
stripped, i.e. the response will only indicate UP or DOWN. Furthermore
the response is cached for a configurable period to prevent a denial
of service attack.
This commit adds a configuration property,
endpoints.health.restrict-anonymous-access, that can be set to false
to allow full anonymous access to /health. When full access is
allowed, the details will be included in the response and the response
will not be cached.
Closes gh-1977
Previously, TestInterceptor used an int to keep a count of how often
it had been called. The count was incremented on one thread and
read on another thread. This lead to intermittent test failures as the
field was not declared volatile and a stale value would sometimes be
returned.
This commit updates TestInterceptor to use an AtomicInteger that's
held in a final field. This ensures that getCount() will not return
stale values and also ensures that the count can safely be incremented
concurrently.
Closes gh-1997
That way, if there is one, it will always be the right one
(otherwise you might be processing teh parent context with
metadata from the child).
Fixes gh-1982
Eclipse (by default) does not create the JSON metadata when
it compiles the @ConfigurationProperties beans. So running on
the command lilne gets scarily different than in an IDE. Fixed
by externalizing the metadata location and setting it to something
empty in the tests.
Including maps and lists. Beans with no metadata (in
/META-INF/*spring-configuration-metadata.json) are just serialized
as they come (so might have problems like cycles). Serialization
errors are caught and rendered as an "error" for that bean. Any
problems can be fixed by preparing metadata and specifying which
properties are to be rendered that way.
Fixes gh-1746, fixes gh-1921
Update ConfigurationPropertiesReportEndpoint to find
@ConfigurationProperties using `context.findAnnotationOnBean` rather
than `AnnotationUtils.findAnnotation`. This will correctly find the
annotation even if the bean is an interface based proxy.
Fixes gh-1927
This reverts a change that I assume was orphaned from work in
progress to address #1353, but is no longer needed. Anyway
there is no reason to restrict MvcEndpoints to be unique by
path since they can declare their own @RequestMappings
(and if there are duplicates they will be detected when those
are scanned).
Fixes gh-1911
Change the pidfile property from `spring.application.pidfile` to
`spring.pidfile` (to save confusion with SpringApplication properties).
Also added documentation and meta-data information.
See gh-1579
Update the `spring-boot`, `spring-boot-autoconfigure` and
`spring-boot-actuator` project to generate configuration meta-data
files during compilation.
See gh-1001
Prior to this commit LoggingSystem initialization would happen multiple
times. Once to configure "quiet" logging, and again to configure correct
settings once the Application was initialized. This could cause problems
if `logging.groovy` logback files were used.
The logging system is now only initialized once (when possible) by
following these steps:
- Standard logging initialization occurs via the actual logging
implementation used (e.g. logback will load a logback.xml file if it
exists)
- beforeInitization() is called to prevent early log output.
Implementations now either use a Filter or simply set the root logging
level.
- initialize() is called with an optional log configuration file (e.g
a custom logback.xml location) and an optional log output file (the
default is null indicating console only output).
The initialize() method will attempt to prevent double initialization
by checking if a standard configuration file exists. Double
initialization now only occurs in the following situations:
- The user has a standard configuration file (e.g. classpath:logback.xml)
but also specifies a logging.config property. Double initialization is
required since the specified configuration file supersedes the default.
- The user has a standard configuration file (e.g. classpath:logback.xml)
and specifies a logging.file property. Double initialization is
required since the standard configuration may use a ${LOG_FILE}
reference.
In addition this commit removes the `logging.console` option and now
assumes that logging either occurs only to console or to both the
console and a file. This restriction helps simplify the LoggingSystem
implementations. If file only logging is required a custom logback.xml
can be used.
Fixes gh-1091
See gh-1612, gh-1770
Then we can optionally find a non-anonymous principal if there
is one. If the user is anonymous then the health result is cached
up to endpoints.health.ttl (default 1000ms) to prevent a DOS attack.
Fixes gh-1353
Spring 4.2 has a @TestPropertySource which has some of the features of
@IntegrationTest. This change adds @TestPropertySource to the @IntegrationTest
annotation, so that (for instance) the cache key for the context includes
properties for the test.
Since @IntegrationTest has slightly different semantics I do not propose to
deprecate it. Users can use it or @TestPropertySource, the main difference being that
with @IntegrationTest the Spring Boot context loader is aware of the annotation
and it will set sensible defaults for server.port and spring.jmx.enabled.
There are some reflection hacks to overcome the usual fortifications of Spring Test.
Fixes gh-1697
Replace where possible all @ConditionalOnExpression annotations with
@ConditionalOnProperty which is both faster to run and more descriptive.
Fixes gh-1685
Previously, for a string to be considered upper-case,
EmbeddedServerPortFileWriter required every character in the
string to be upper-case. This meant that strings containing numbers were
considered lower-case even if every letter in the string was upper-case.
OS X’s case-preserving, case-insensitive file system masked this problem
as the tests were still able to find the created file, even though the
case of its name was not as expected.
This commit updates EmbeddedServerPortFileWriter to only require
characters that are letters (as defined by Character.isLetter()) to be
upper-case. It also updates the tests to verify that the case of the
created file’s name is correct in such a way that it will fail, even
on OS X, when it is not.
Fixes gh-1676
- Supply auto-configuration for the new indicator
- As suggested in the pull request, include the free disk space and
configured threshold in the health details
- Update the documentation to describe the indicator and its
two configuration settings
- Use @ConfigurationProperties to bind the indicator's configuration.
This should make the changes sympathetic to the work being done
to automate the configuration properties documentation
Closes gh-1297
In addition to requiring the Servlet API to be on the classpath,
MetricFilter requires spring-web to also be on the classpath as it
extends OncePerRequestFilter. This commit updates the auto-configuration
for MetricFilter so that it will be disabled in the absence of a
dependency on spring-web.
Fixes gh-1664
Some weird looking test failures led me to track this down.
If the user changes the prefix for metric names, he probably wanted
to change the keys as welll (otherwise 2 repositories can use the
same key, which is why the test was failing for me). We can do that
in an afterPropertiesSet().
If the actuator endpoints are configured on a different port then there
are some settings in the main ServerProperties that we would like to
re-use (e.g. the access log). The easiest way to do that is to just
configure the management server using the same ServerProperties instance
and then overwrite the things that are different (and stored in
ManagementServerProperties).
Fixes gh-1581
Done in order to align with the rest of the configuration. Absent this
check, the bean will be installed in non-web applications without the
corresponding dependencies, causing the bootstrap to fail.
Closes gh-1588
This is a continuation of the changes made in 611f978. It makes some
more @Bean methods public and adds tests to spring-boot-actuator and
spring-boot-autoconfigure to prevent against non-public methods being
introduced in the future
Closes gh-1571
When MVC path matchers are used as metric keys, they can still contain
invalid characters and patterns (like asterisks). This change removes
some more special characters and also tidies up the names a bit so
no key part starts or ends with "-" (which is ugly).
Fixes gh-1528
Protecting /error doesn't make a great deal of sense and if it is
protected you don't get the ErrorPageFilter for the attempt at loading
it, so Tomcat renders its own HTML error page (when deployed as WAR).
Fixes gh-1548
When MVC path matchers are used as metric keys, they can still contain
invalid characters and patterns (like asterisks). This change removes
some more special characters and also tidies up the names a bit so
no key part starts or ends with "-" (which is ugly).
Fixes gh-1528
Import DataSourcePoolMetadataProvidersConfiguration from
DataSourceAutoConfiguration so that PoolMetadataProviders are configured
even if actuator is not used.
This commit improves DataSourceMetadata to expose the validation
query. This can be used by DataSourceHealthIndicator as the query
to use instead of "guessing" which query could be applied according
to the database type.
Fixes gh-1282
This commit adds an abstraction that provides a standard manner to
retrieve various metadata that are shared by most data sources.
DataSourceMetadata is implemented by the three data source
implementations that boot supports out-of-the-box: Tomcat, Hikari and
Commons dbcp.
This abstraction is used to provide two additional metrics per data
source defined in the application: the number of allocated
connection(s) (.active) and the current usage of the connection pool
(.usage).
All such metrics share the 'datasource.' prefix. The prefix is further
qualified for each data source:
* If the data source is the primary data source (that is either the
only available data source or the one flagged @Primary amongst the
existing ones), the prefix is "datasource.primary"
* If the data source bean name ends with "dataSource", the prefix is
the name of the bean without it (i.e. batchDataSource becomes batch)
* In all other cases, the name of the bean is used
It is possible to override part or all of those defaults by
registering a bean with a customized version of
DataSourcePublicMetrics.
Additional DataSourceMetadata implementations for other data source
types can be added very easily, check
DataourceMetadataProvidersConfiguration for more details.
Fixes gh-1013
if user also adds @EnableWebMvcSecurity. The problem is that the ordering
of the init() and configure() methods in the Spring Security configurers
can force things to happen too early unless we are careful. It's still a bit
twitchy I would say, but this relatively small change seems to fix the GS guide
and not break any existing tests.
I added a sample which mimic ths GS guide so we get an integration test that
executes the new code paths.
Fixes gh-1364
Rename `VanillaHealthIndicator` to `ApplicationHealthIndicator` and
changed the exposed bean name from `statusHealthIndicator` to
`applicationHealthIndicator`.
This provides less confusing JSON output:
{"status":"UP","application":{"status":"UP"}}
vs:
{"status":"UP","status":{"status":"UP"}}
Fixes gh-1291
JSON output of /health now has the same structure for 1 or more HealthIndicators. This makes it easier to consume the response from scripts or apps
fixes#1291
Rework flexible PublicMetrics registration introduced in 2be6b3e4 to
restore compatibility with v1.1 VanillaPublicMetrics. The new
MetricReaderPublicMetrics class now exposes metrics from a MetricReader
and VanillaPublicMetrics is deprecated. The MetricsEndpoint can now
exposes a collection of PublicMetric interface directly.
See gh-1094
Previously, when running on Java 7+, the JDBC query driven by
DataSourceHealthIndicator resulted in a call to
ResultSet.getObject(index, Object.class). When using MySQL's JDBC
driver this failed with an SQLException with the message "Conversion
not supported for type java.lang.Object". The problem does not occur
on Java 6 as the overload of getObject that takes a type does not
exist; ResultSet.getObject(index) is called instead and MySQL happily
returns whatever type it deems to be appropriate for the column.
This commit updates DataSourceHealthIndicator so that
ResultSet.getObject(index) will always be used, irrespective of the
version of Java that Boot is running on.
Closes#1306
Previously any custom http code mapping would remove the default mappings. With this commit the behaviour is changed so that default mappings will stay if a custom mapping is registered. Certainly a default mapping can be overridden.
fixes#1264
Previously any custom http code mapping would remove the default mappings. With this commit the behaviour is changed so that default mappings will stay if a custom mapping is registered. Certainly a default mapping can be overridden.
fixes#1264
This commit permits the use of several PublicMetrics instances by
default. Previously, only one PublicMetrics service could be specified
and a user configuration would remove all the defaulting.
VanillaPublicMetrics now takes a collection of PublicMetrics and
invokes them in sequence to build the final collection of metrics.
The system-related metrics have been moved to SystemPublicMetrics and
are registered by default.
Also updated the documentation to mention this feature and how it
could be fully overridden.
Fixes gh-1094
In order to solve issues with multiple or incompatible AccessDecisionManagers, the CRaSH integration will now only delegate to an explicit shellAccessDecisionManager bean refs #1121
Prior to this commit, some tests were creating a parent/child
relationship but were only closing the child context. This could
be an issue with the autoconfig module as a lot of auto-config
kicks in by default.
This commit adds a new test utility designed to properly handle
those situations. Updated tests that were creating a context
hierarchy to benefit from that.
Fixes gh-1034
The Actuator endpoints ought to take precedence over others (since
they are important and users can isolate them using management.contextPath
if necessary). This change puts the @Order at -100 (well before the default
order of the RequestMappingHandlerMapping at 0).
Fixes gh-1107
To ensure an MBeanServer is available when needed you have to
look in JNDI before resorting to the JDK platform factory.
I had to copy some private code from Spring, but it seems
worth it.
Fixes gh-1092
Anywhere that an MBeanServer is needed it should be
created @Conditionally, so that user can exclude the
JmxAutoConfiguration and still get the other JMX
behaviours automatically.
Spring Buildmaster
Phillip Webb
Dave Syer
Stephane Nicoll
Andy Wilkinson
Spencer Gibb
Johannes Stelzer
Christian Dupuis
Brett Wooldridge
Eric Dahl
Mattias Severson
Marius Bogoevici
Stephane Nicoll
Phillip Webb
Taylor Wicksell
Christian Dupuis
Dave Syer
Tobias Gesellchen