Commit Graph

9248 Commits

Author SHA1 Message Date
Madhura Bhave
a3bcb2778f Add message to response body for Cloud Foundry security error
See gh-7108
2016-11-09 10:54:56 -08:00
Stephane Nicoll
8e160d7fda Merge branch '1.4.x' into 1.5.x 2016-11-08 18:24:58 +01:00
Stephane Nicoll
72e696bcbd Fixup version numbers following release 2016-11-08 18:24:42 +01:00
Spring Buildmaster
e712a9ba8c Next Development Version 2016-11-08 16:55:37 +00:00
Stephane Nicoll
36c5c3519f Merge branch '1.4.x' into 1.5.x 2016-11-08 17:03:30 +01:00
Stephane Nicoll
2a8a906d30 Upgrade to Spring AMQP 1.6.5.RELEASE
Closes gh-7347
2016-11-08 17:03:07 +01:00
Andy Wilkinson
d7ef48a9b6 Merge branch '1.4.x' into 1.5.x 2016-11-08 14:43:00 +00:00
Andy Wilkinson
2c4f39045f Stop relying on Artemis's on-demand queue creation in CLI JMS test
Artemis's on-demand queue cretaion appears to be rather flakey,
sometimes failing with a NullPointerException.

This commit ensures that the queue used by the sample is created
during start up rather than on demand. This will hopefully make the
test that runs the sample more robust.

Closes gh-7346
2016-11-08 14:36:58 +00:00
Andy Wilkinson
2e76687d17 Merge branch '1.4.x' into 1.5.x 2016-11-08 13:50:41 +00:00
Andy Wilkinson
5f44598d8b Remove use of static import that Checkstyle prohibits 2016-11-08 13:50:15 +00:00
Andy Wilkinson
218d28f74c Merge branch '1.4.x' into 1.5.x 2016-11-08 13:22:58 +00:00
Andy Wilkinson
33dcd853fd Ensure that health endpoint remains insecure without Spring Security
The changes made in 6a2ac080 mean that getSecurity() on
ManagementServerProperties will no longer return null when Spring
Security is on the classpath. This had the unwanted side-effect of
causing the health endpoint to hide its details when Spring Security
was not on the classpath.

This commit reinstates the previous behaviour by only considering
the health endpoint to be secure if Spring Security is on the
classpath and management.security.enabled is true.

Closes gh-7345
2016-11-08 13:18:05 +00:00
Andy Wilkinson
3a2d9e31ff Merge branch '1.4.x' into 1.5.x 2016-11-08 10:36:56 +00:00
Andy Wilkinson
808185ab4e Make LaunchedURLClassLoader Java 6 compatible again
Closes gh-7334
2016-11-08 10:35:18 +00:00
Andy Wilkinson
e576225959 Merge branch '1.4.x' into 1.5.x 2016-11-08 10:03:58 +00:00
Andy Wilkinson
aafb308eaf Merge pull request #7334 from Christoph Dreis
* gh-7334:
  Reinstate LaunchedURLClassLoader's registration  as parallel capable
2016-11-08 10:02:55 +00:00
dreis
7a797909ae Reinstate LaunchedURLClassLoader's registration as parallel capable
Closes gh-7334
2016-11-08 09:58:14 +00:00
Stephane Nicoll
5878e5eec5 Merge branch '1.4.x' into 1.5.x 2016-11-08 10:57:58 +01:00
Stephane Nicoll
318701daa7 Apply DispatcherServlet customizations to MockMvc
This commits makes sure that customizations on `DispatcherServlet` are
also applied to the `TestDispatcherServlet` that `MockMvc` is using
internally.

Closes gh-5891
2016-11-08 10:56:54 +01:00
Andy Wilkinson
08a9dcd4a7 Upgrade to Apache Artemis 1.4.0
Closes gh-7343
2016-11-08 08:19:37 +00:00
Stephane Nicoll
774ddc3602 Merge branch '1.4.x' into 1.5.x 2016-11-08 07:50:28 +01:00
Stephane Nicoll
18c2a2f4fe Upgrade to Spring Framework 4.3.4.RELEASE
Closes gh-7213
2016-11-08 07:48:53 +01:00
Andy Wilkinson
bb6330e9df Merge branch '1.4.x' into 1.5.x 2016-11-08 06:46:29 +00:00
Andy Wilkinson
adfc5d22ca Upgrade to Spring Integration Java DSL 1.1.4.RELEASE
Closes gh-7342
2016-11-08 06:44:47 +00:00
Andy Wilkinson
bc2a412408 Upgrade to Spring Integration 4.3.5.RELEASE
Closes gh-7341
2016-11-08 06:44:15 +00:00
Andy Wilkinson
e136ef6f7d Upgrade to Spring AMQP 1.6.4.RELEASE
Closes gh-7340
2016-11-08 06:43:42 +00:00
Andy Wilkinson
42581debfe Upgrade to Spring Security OAuth 2.0.12.RELEASE
Closes gh-7339
2016-11-08 06:38:48 +00:00
Madhura Bhave
82f89b4ac1 Add custom headers to allowed CORS headers for CF actuators
Update CORS configuration to support Authorization and X-Cf-App-Instance.

See gh-7108
2016-11-07 15:37:09 -08:00
Stephane Nicoll
3018e95261 Merge branch '1.4.x' into 1.5.x 2016-11-06 11:44:12 +01:00
Stephane Nicoll
d405265e83 Merge pull request #7326 from sebastiankirsch:master
* pr/7326:
  Polish contribution
  Add @Inherited to all AutoConfigure* classes
2016-11-06 11:43:58 +01:00
Stephane Nicoll
ebfd86ea26 Polish contribution
Closes gh-7326
2016-11-06 11:42:45 +01:00
sebastiankirsch
e8b0a64872 Add @Inherited to all AutoConfigure* classes
See gh-7326
2016-11-06 11:39:12 +01:00
Stephane Nicoll
101528f41a Merge branch '1.4.x' into 1.5.x 2016-11-06 11:36:16 +01:00
Stephane Nicoll
f80dbd1a21 Upgrade to joda-time 2.9.5
Closes gh-7308
2016-11-06 11:34:13 +01:00
Stephane Nicoll
b51f92d9a4 Merge branch '1.4.x' into 1.5.x 2016-11-06 11:25:44 +01:00
Stephane Nicoll
32950bfec1 Merge pull request #7299 from vpavic:resource-server-config
* pr/7299:
  Fix JWT token URI derivation
2016-11-06 11:25:15 +01:00
Vedran Pavic
5783cd5593 Fix JWT token URI derivation
Closes gh-7299
2016-11-06 11:24:50 +01:00
Stephane Nicoll
01e66ecbd5 Merge branch '1.4.x' into 1.5.x 2016-11-05 11:15:27 +01:00
Stephane Nicoll
4311cf333f Remove sample reference in build 2016-11-05 11:14:50 +01:00
Stephane Nicoll
2c71cb8efd Polish 2016-11-05 11:10:17 +01:00
Stephane Nicoll
4407194c00 Replace sample by integration test
Closes gh-3888
2016-11-05 11:09:36 +01:00
Stephane Nicoll
389acb094b Merge branch '1.4.x' into 1.5.x 2016-11-05 07:43:09 +01:00
Stephane Nicoll
44a32d0a5b Merge pull request #7322 from izeye:polish-20161105
* pr/7322:
  Polish
2016-11-05 07:42:50 +01:00
Johnny Lim
ec9f0ab6b4 Polish
Closes gh-7322
2016-11-05 07:42:37 +01:00
Phillip Webb
6c76353682 Default management.cloudfoundry.enabled to true
Update `CloudFoundryActuatorAutoConfiguration` so that it is enabled
when `management.cloudfoundry.enabled` is missing.

See gh-7108
2016-11-04 17:26:25 -07:00
Madhura Bhave
a77cfc3b0e Skip SSL validation when calling Cloud Foundry
Update CloudFoundrySecurityService so that SSL validation is not
required. We're unlikely to have configured public keys for the
REST endpoints we need to call. Since the endpoints are provided via
environment variables we can implicitly trust them.

See gh-7108
2016-11-04 17:26:25 -07:00
Madhura Bhave
862a06eb7a Add POST to allowed CORS methods for CF actuators
Update CORS configuration to support POST.

See gh-7108
2016-11-04 16:41:49 -07:00
Madhura Bhave
1005feb27d Update discovery endpoint to respect AccessLevel
Change `CloudFoundryDiscoveryMvcEndpoint` so that `AccessLevel` rights
are consulted so that only accessible links are returned.

See gh-7108
2016-11-04 16:41:49 -07:00
Madhura Bhave
340f1d5574 Add security for Cloud Foundry actuators
Add security to Cloud Foundry actuator endpoints. Security is enforced
by a `HanderInterceptor` on `CloudFoundryEndpointHandlerMapping`. Each
endpoint call expects an 'Authorization' header containing a bearer
token. The token signature is checked against the UAA public keys then
passed to the Cloud Controller to obtain an ultimate access level.

The client may either have 'RESTRICTED' or FULL' access, with the latter
only providing access to a limited set of endpoints.

See gh-7108
2016-11-04 16:41:48 -07:00
Phillip Webb
f15e0482c5 Merge branch '1.4.x' into 1.5.x 2016-11-04 16:01:02 -07:00