diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/session/SessionProperties.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/session/SessionProperties.java index 2ba1c0c5d1..78f55be522 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/session/SessionProperties.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/session/SessionProperties.java @@ -23,7 +23,7 @@ import java.util.Set; import org.springframework.beans.factory.ObjectProvider; import org.springframework.boot.autoconfigure.web.ServerProperties; -import org.springframework.boot.autoconfigure.web.ServerProperties.Session; +import org.springframework.boot.autoconfigure.web.ServerProperties.Servlet.Session; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.web.servlet.DispatcherType; import org.springframework.session.web.http.SessionRepositoryFilter; @@ -53,7 +53,7 @@ public class SessionProperties { public SessionProperties(ObjectProvider serverProperties) { ServerProperties properties = serverProperties.getIfUnique(); - Session session = (properties == null ? null : properties.getSession()); + Session session = (properties == null ? null : properties.getServlet().getSession()); this.timeout = (session == null ? null : session.getTimeout()); } @@ -68,7 +68,7 @@ public class SessionProperties { /** * Return the session timeout. * @return the session timeout - * @see ServerProperties#getSession() + * @see ServerProperties.Servlet#getSession() */ public Duration getTimeout() { return this.timeout; diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java index 1f0673b7ae..bfa4096d0f 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java @@ -98,8 +98,6 @@ public class ServerProperties { */ private Duration connectionTimeout; - private final Session session = new Session(); - @NestedConfigurationProperty private Ssl ssl; @@ -177,10 +175,6 @@ public class ServerProperties { return this.error; } - public Session getSession() { - return this.session; - } - public Ssl getSsl() { return this.ssl; } @@ -236,6 +230,8 @@ public class ServerProperties { @NestedConfigurationProperty private final Jsp jsp = new Jsp(); + private final Session session = new Session(); + public String getContextPath() { return this.contextPath; } @@ -268,6 +264,10 @@ public class ServerProperties { return this.jsp; } + public Session getSession() { + return this.session; + } + public String getServletMapping() { if (this.path.equals("") || this.path.equals("/")) { return "/"; @@ -319,196 +319,196 @@ public class ServerProperties { return result; } - } - - /** - * Session properties. - */ - public static class Session { - /** - * Session timeout. If a duration suffix is not specified, seconds will be used. + * Session properties. */ - @DefaultDurationUnit(ChronoUnit.SECONDS) - private Duration timeout; - - /** - * Session tracking modes (one or more of the following: "cookie", "url", "ssl"). - */ - private Set trackingModes; - - /** - * Whether to persist session data between restarts. - */ - private boolean persistent; - - /** - * Directory used to store session data. - */ - private File storeDir; - - private final Cookie cookie = new Cookie(); - - public Cookie getCookie() { - return this.cookie; - } - - public Duration getTimeout() { - return this.timeout; - } - - public void setTimeout(Duration timeout) { - this.timeout = timeout; - } - - public Set getTrackingModes() { - return this.trackingModes; - } - - public void setTrackingModes(Set trackingModes) { - this.trackingModes = trackingModes; - } - - public boolean isPersistent() { - return this.persistent; - } - - public void setPersistent(boolean persistent) { - this.persistent = persistent; - } - - public File getStoreDir() { - return this.storeDir; - } - - public void setStoreDir(File storeDir) { - this.storeDir = storeDir; - } - - /** - * Cookie properties. - */ - public static class Cookie { + public static class Session { /** - * Session cookie name. - */ - private String name; - - /** - * Domain for the session cookie. - */ - private String domain; - - /** - * Path of the session cookie. - */ - private String path; - - /** - * Comment for the session cookie. - */ - private String comment; - - /** - * "HttpOnly" flag for the session cookie. - */ - private Boolean httpOnly; - - /** - * "Secure" flag for the session cookie. - */ - private Boolean secure; - - /** - * Maximum age of the session cookie. + * Session timeout. If a duration suffix is not specified, seconds will be used. */ @DefaultDurationUnit(ChronoUnit.SECONDS) - private Duration maxAge; + private Duration timeout; - public String getName() { - return this.name; + /** + * Session tracking modes (one or more of the following: "cookie", "url", "ssl"). + */ + private Set trackingModes; + + /** + * Whether to persist session data between restarts. + */ + private boolean persistent; + + /** + * Directory used to store session data. + */ + private File storeDir; + + private final Cookie cookie = new Cookie(); + + public Cookie getCookie() { + return this.cookie; } - public void setName(String name) { - this.name = name; + public Duration getTimeout() { + return this.timeout; } - public String getDomain() { - return this.domain; + public void setTimeout(Duration timeout) { + this.timeout = timeout; } - public void setDomain(String domain) { - this.domain = domain; + public Set getTrackingModes() { + return this.trackingModes; } - public String getPath() { - return this.path; + public void setTrackingModes(Set trackingModes) { + this.trackingModes = trackingModes; } - public void setPath(String path) { - this.path = path; + public boolean isPersistent() { + return this.persistent; } - public String getComment() { - return this.comment; + public void setPersistent(boolean persistent) { + this.persistent = persistent; } - public void setComment(String comment) { - this.comment = comment; + public File getStoreDir() { + return this.storeDir; } - public Boolean getHttpOnly() { - return this.httpOnly; + public void setStoreDir(File storeDir) { + this.storeDir = storeDir; } - public void setHttpOnly(Boolean httpOnly) { - this.httpOnly = httpOnly; + /** + * Cookie properties. + */ + public static class Cookie { + + /** + * Session cookie name. + */ + private String name; + + /** + * Domain for the session cookie. + */ + private String domain; + + /** + * Path of the session cookie. + */ + private String path; + + /** + * Comment for the session cookie. + */ + private String comment; + + /** + * "HttpOnly" flag for the session cookie. + */ + private Boolean httpOnly; + + /** + * "Secure" flag for the session cookie. + */ + private Boolean secure; + + /** + * Maximum age of the session cookie. + */ + @DefaultDurationUnit(ChronoUnit.SECONDS) + private Duration maxAge; + + public String getName() { + return this.name; + } + + public void setName(String name) { + this.name = name; + } + + public String getDomain() { + return this.domain; + } + + public void setDomain(String domain) { + this.domain = domain; + } + + public String getPath() { + return this.path; + } + + public void setPath(String path) { + this.path = path; + } + + public String getComment() { + return this.comment; + } + + public void setComment(String comment) { + this.comment = comment; + } + + public Boolean getHttpOnly() { + return this.httpOnly; + } + + public void setHttpOnly(Boolean httpOnly) { + this.httpOnly = httpOnly; + } + + public Boolean getSecure() { + return this.secure; + } + + public void setSecure(Boolean secure) { + this.secure = secure; + } + + public Duration getMaxAge() { + return this.maxAge; + } + + public void setMaxAge(Duration maxAge) { + this.maxAge = maxAge; + } + } - public Boolean getSecure() { - return this.secure; - } + /** + * Available session tracking modes (mirrors + * {@link javax.servlet.SessionTrackingMode}. + */ + public enum SessionTrackingMode { - public void setSecure(Boolean secure) { - this.secure = secure; - } + /** + * Send a cookie in response to the client's first request. + */ + COOKIE, - public Duration getMaxAge() { - return this.maxAge; - } + /** + * Rewrite the URL to append a session ID. + */ + URL, + + /** + * Use SSL build-in mechanism to track the session. + */ + SSL - public void setMaxAge(Duration maxAge) { - this.maxAge = maxAge; } } - - /** - * Available session tracking modes (mirrors - * {@link javax.servlet.SessionTrackingMode}. - */ - public enum SessionTrackingMode { - - /** - * Send a cookie in response to the client's first request. - */ - COOKIE, - - /** - * Rewrite the URL to append a session ID. - */ - URL, - - /** - * Use SSL build-in mechanism to track the session. - */ - SSL - - } - } + /** * Tomcat properties. */ diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizer.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizer.java index 20f27e860a..46f8fdcced 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizer.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizer.java @@ -24,7 +24,7 @@ import javax.servlet.ServletException; import javax.servlet.SessionCookieConfig; import org.springframework.boot.autoconfigure.web.ServerProperties; -import org.springframework.boot.autoconfigure.web.ServerProperties.Session; +import org.springframework.boot.autoconfigure.web.ServerProperties.Servlet.Session; import org.springframework.boot.autoconfigure.web.embedded.jetty.JettyCustomizer; import org.springframework.boot.autoconfigure.web.embedded.tomcat.TomcatCustomizer; import org.springframework.boot.autoconfigure.web.embedded.undertow.UndertowCustomizer; @@ -89,11 +89,11 @@ public class DefaultServletWebServerFactoryCustomizer if (this.serverProperties.getDisplayName() != null) { factory.setDisplayName(this.serverProperties.getDisplayName()); } - if (this.serverProperties.getSession().getTimeout() != null) { - factory.setSessionTimeout(this.serverProperties.getSession().getTimeout()); + if (this.serverProperties.getServlet().getSession().getTimeout() != null) { + factory.setSessionTimeout(this.serverProperties.getServlet().getSession().getTimeout()); } - factory.setPersistSession(this.serverProperties.getSession().isPersistent()); - factory.setSessionStoreDir(this.serverProperties.getSession().getStoreDir()); + factory.setPersistSession(this.serverProperties.getServlet().getSession().isPersistent()); + factory.setSessionStoreDir(this.serverProperties.getServlet().getSession().getStoreDir()); if (this.serverProperties.getSsl() != null) { factory.setSsl(this.serverProperties.getSsl()); } @@ -121,7 +121,7 @@ public class DefaultServletWebServerFactoryCustomizer (UndertowServletWebServerFactory) factory); } factory.addInitializers( - new SessionConfiguringInitializer(this.serverProperties.getSession())); + new SessionConfiguringInitializer(this.serverProperties.getServlet().getSession())); factory.addInitializers(new InitParameterConfiguringServletContextInitializer( this.serverProperties.getServlet().getContextParameters())); } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/spring-boot-project/spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json index 74683db3ea..f67b215b45 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json @@ -1020,6 +1020,96 @@ "level": "error" } }, + { + "name" : "server.session.cookie.comment", + "type" : "java.lang.String", + "description" : "Comment for the session cookie.", + "deprecation" : { + "replacement" : "server.servlet.session.cookie.comment", + "level" : "error" + } + }, { + "name" : "server.session.cookie.domain", + "type" : "java.lang.String", + "description" : "Domain for the session cookie.", + "deprecation" : { + "replacement" : "server.servlet.session.cookie.domain", + "level" : "error" + } + }, { + "name" : "server.session.cookie.http-only", + "type" : "java.lang.Boolean", + "description" : "\"HttpOnly\" flag for the session cookie.", + "deprecation" : { + "replacement" : "server.servlet.session.cookie.http-only", + "level" : "error" + } + }, { + "name" : "server.session.cookie.max-age", + "type" : "java.time.Duration", + "description" : "Maximum age of the session cookie.", + "deprecation" : { + "replacement" : "server.servlet.session.cookie.max-age", + "level" : "error" + } + }, { + "name" : "server.session.cookie.name", + "type" : "java.lang.String", + "description" : "Session cookie name.", + "deprecation" : { + "replacement" : "server.servlet.session.cookie.name", + "level" : "error" + } + }, { + "name" : "server.session.cookie.path", + "type" : "java.lang.String", + "description" : "Path of the session cookie.", + "deprecation" : { + "replacement" : "server.servlet.session.cookie.path", + "level" : "error" + } + }, { + "name" : "server.session.cookie.secure", + "type" : "java.lang.Boolean", + "description" : "\"Secure\" flag for the session cookie.", + "deprecation" : { + "replacement" : "server.servlet.session.cookie.secure", + "level" : "error" + } + }, { + "name" : "server.session.persistent", + "type" : "java.lang.Boolean", + "description" : "Whether to persist session data between restarts.", + "defaultValue" : false, + "deprecation" : { + "replacement" : "server.servlet.session.persistent", + "level" : "error" + } + }, { + "name" : "server.session.store-dir", + "type" : "java.io.File", + "description" : "Directory used to store session data.", + "deprecation" : { + "replacement" : "server.servlet.session.store-dir", + "level" : "error" + } + }, { + "name" : "server.session.timeout", + "type" : "java.time.Duration", + "description" : "Session timeout. If a duration suffix is not specified, seconds will be used.", + "deprecation" : { + "replacement" : "server.servlet.session.timeout", + "level" : "error" + } + }, { + "name" : "server.session.tracking-modes", + "type" : "java.util.Set", + "description" : "Session tracking modes (one or more of the following: \"cookie\", \"url\", \"ssl\").", + "deprecation" : { + "replacement" : "server.servlet.session.tracking-modes", + "level" : "error" + } + }, { "name": "server.undertow.buffers-per-region", "type": "java.lang.Integer", diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizerTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizerTests.java index c966a4e903..5cfe666373 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizerTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/servlet/DefaultServletWebServerFactoryCustomizerTests.java @@ -212,15 +212,15 @@ public class DefaultServletWebServerFactoryCustomizerTests { @Test public void customizeSessionProperties() throws Exception { Map map = new HashMap<>(); - map.put("server.session.timeout", "123"); - map.put("server.session.tracking-modes", "cookie,url"); - map.put("server.session.cookie.name", "testname"); - map.put("server.session.cookie.domain", "testdomain"); - map.put("server.session.cookie.path", "/testpath"); - map.put("server.session.cookie.comment", "testcomment"); - map.put("server.session.cookie.http-only", "true"); - map.put("server.session.cookie.secure", "true"); - map.put("server.session.cookie.max-age", "60"); + map.put("server.servlet.session.timeout", "123"); + map.put("server.servlet.session.tracking-modes", "cookie,url"); + map.put("server.servlet.session.cookie.name", "testname"); + map.put("server.servlet.session.cookie.domain", "testdomain"); + map.put("server.servlet.session.cookie.path", "/testpath"); + map.put("server.servlet.session.cookie.comment", "testcomment"); + map.put("server.servlet.session.cookie.http-only", "true"); + map.put("server.servlet.session.cookie.secure", "true"); + map.put("server.servlet.session.cookie.max-age", "60"); bindProperties(map); ConfigurableServletWebServerFactory factory = mock( ConfigurableServletWebServerFactory.class); @@ -536,7 +536,7 @@ public class DefaultServletWebServerFactoryCustomizerTests { @Test public void sessionStoreDir() { Map map = new HashMap<>(); - map.put("server.session.store-dir", "myfolder"); + map.put("server.servlet.session.store-dir", "myfolder"); bindProperties(map); JettyServletWebServerFactory factory = spy(new JettyServletWebServerFactory()); this.customizer.customize(factory); diff --git a/spring-boot-project/spring-boot-devtools/src/main/java/org/springframework/boot/devtools/env/DevToolsPropertyDefaultsPostProcessor.java b/spring-boot-project/spring-boot-devtools/src/main/java/org/springframework/boot/devtools/env/DevToolsPropertyDefaultsPostProcessor.java index ed1edba0fb..dbf06c0c62 100755 --- a/spring-boot-project/spring-boot-devtools/src/main/java/org/springframework/boot/devtools/env/DevToolsPropertyDefaultsPostProcessor.java +++ b/spring-boot-project/spring-boot-devtools/src/main/java/org/springframework/boot/devtools/env/DevToolsPropertyDefaultsPostProcessor.java @@ -50,7 +50,7 @@ public class DevToolsPropertyDefaultsPostProcessor implements EnvironmentPostPro devToolsProperties.put("spring.freemarker.cache", "false"); devToolsProperties.put("spring.groovy.template.cache", "false"); devToolsProperties.put("spring.mustache.cache", "false"); - devToolsProperties.put("server.session.persistent", "true"); + devToolsProperties.put("server.servlet.session.persistent", "true"); devToolsProperties.put("spring.h2.console.enabled", "true"); devToolsProperties.put("spring.resources.cache.period", "0"); devToolsProperties.put("spring.resources.chain.cache", "false"); diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc index 6f0cca375c..6af4c2372b 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc @@ -194,17 +194,17 @@ content into your application. Rather, pick only the properties that you need. server.servlet.jsp.init-parameters.*= # Init parameters used to configure the JSP servlet. server.servlet.jsp.registered=true # Whether the JSP servlet is registered. server.servlet.path=/ # Path of the main dispatcher servlet. - server.session.cookie.comment= # Comment for the session cookie. - server.session.cookie.domain= # Domain for the session cookie. - server.session.cookie.http-only= # "HttpOnly" flag for the session cookie. - server.session.cookie.max-age= # Maximum age of the session cookie. If a duration suffix is not specified, seconds will be used. - server.session.cookie.name= # Session cookie name. - server.session.cookie.path= # Path of the session cookie. - server.session.cookie.secure= # "Secure" flag for the session cookie. - server.session.persistent=false # Whether to persist session data between restarts. - server.session.store-dir= # Directory used to store session data. - server.session.timeout= # Session timeout. If a duration suffix is not specified, seconds will be used. - server.session.tracking-modes= # Session tracking modes (one or more of the following: "cookie", "url", "ssl"). + server.servlet.session.cookie.comment= # Comment for the session cookie. + server.servlet.session.cookie.domain= # Domain for the session cookie. + server.servlet.session.cookie.http-only= # "HttpOnly" flag for the session cookie. + server.servlet.session.cookie.max-age= # Maximum age of the session cookie. If a duration suffix is not specified, seconds will be used. + server.servlet.session.cookie.name= # Session cookie name. + server.servlet.session.cookie.path= # Path of the session cookie. + server.servlet.session.cookie.secure= # "Secure" flag for the session cookie. + server.servlet.session.persistent=false # Whether to persist session data between restarts. + server.servlet.session.store-dir= # Directory used to store session data. + server.servlet.session.timeout= # Session timeout. If a duration suffix is not specified, seconds will be used. + server.servlet.session.tracking-modes= # Session tracking modes (one or more of the following: "cookie", "url", "ssl"). server.ssl.ciphers= # Supported SSL ciphers. server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. server.ssl.enabled= # Enable SSL support. diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc index b2fa9ecd59..331c813a88 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc @@ -2809,10 +2809,10 @@ Common server settings include: * Network settings: Listen port for incoming HTTP requests (`server.port`), interface address to bind to `server.address`, and so on. -* Session settings: Whether the session is persistent (`server.session.persistence`), -session timeout (`server.session.timeout`), location of session data -(`server.session.store-dir`), and session-cookie configuration -(`server.session.cookie.*`). +* Session settings: Whether the session is persistent (`server.servlet.session.persistence`), +session timeout (`server.servlet.session.timeout`), location of session data +(`server.servlet.session.store-dir`), and session-cookie configuration +(`server.servlet.session.cookie.*`). * Error management: Location of the error page (`server.error.path`) and so on. * <> * <> diff --git a/spring-boot-samples/spring-boot-sample-session-webflux/src/test/java/sample/session/SampleSessionWebFluxApplicationTests.java b/spring-boot-samples/spring-boot-sample-session-webflux/src/test/java/sample/session/SampleSessionWebFluxApplicationTests.java index ba4f88f625..d58c4210f2 100644 --- a/spring-boot-samples/spring-boot-sample-session-webflux/src/test/java/sample/session/SampleSessionWebFluxApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-session-webflux/src/test/java/sample/session/SampleSessionWebFluxApplicationTests.java @@ -38,7 +38,7 @@ import static org.assertj.core.api.Assertions.assertThat; * @author Vedran Pavic */ @RunWith(SpringRunner.class) -@SpringBootTest(properties = "server.session.timeout:2", webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@SpringBootTest(properties = "server.servlet.session.timeout:2", webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) public class SampleSessionWebFluxApplicationTests { @LocalServerPort diff --git a/spring-boot-samples/spring-boot-sample-session/src/test/java/sample/session/SampleSessionApplicationTests.java b/spring-boot-samples/spring-boot-sample-session/src/test/java/sample/session/SampleSessionApplicationTests.java index 1b2ca4634e..7af40b0e30 100644 --- a/spring-boot-samples/spring-boot-sample-session/src/test/java/sample/session/SampleSessionApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-session/src/test/java/sample/session/SampleSessionApplicationTests.java @@ -59,7 +59,7 @@ public class SampleSessionApplicationTests { private ConfigurableApplicationContext createContext() { ConfigurableApplicationContext context = new SpringApplicationBuilder() .sources(SampleSessionApplication.class) - .properties("server.port:0", "server.session.timeout:1") + .properties("server.port:0", "server.servlet.session.timeout:1") .initializers(new ServerPortInfoApplicationContextInitializer()).run(); return context; }