Commit Graph

187 Commits

Author SHA1 Message Date
Phillip Webb
80ac1fb0cd Polish 2014-03-15 13:02:01 -07:00
Phillip Webb
22e397cda2 Polish 2014-03-13 13:11:54 -07:00
Dave Syer
6657e3ef84 More care taken with management.contextPath
The management.contextPath property should now be respected in a
secure application, whether or not the management.port is different.

Added some test cases in the sample to verify.

Fixes gh-469
2014-03-10 16:28:13 +00:00
Dave Syer
c9efa5ac13 Allow non-string return from health query 2014-03-08 16:04:30 +00:00
Phillip Webb
99350a2216 Tidy ConfigurableEmbeddedServletContainerFactory
Rename ConfigurableEmbeddedServletContainerFactory to
ConfigurableEmbeddedServletContainer and extract
AbstractConfigurableEmbeddedServletContainer from
AbstractEmbeddedServletContainerFactory.
2014-03-03 21:10:56 -08:00
Phillip Webb
468728a2c0 Polish 2014-03-03 17:50:19 -08:00
Dave Syer
07b88630f4 Be defensive with auto-config of Servlet 3.0 features
There's no explicit support for older Servlet specs in Spring Boot,
but we can at least make it easy for others to provide such
support by not adding stuff to the context when in an older container.
2014-03-03 18:08:38 +00:00
Dave Syer
b0b7bc0e7f Fix tests
Some assumptions were being made in tests, e.g. about
there being an AuthenticationManager @Bean, which were
false with the new Security 3.2.1 updates from Rob.

Also parent-child contexts with the actuator were
problematic because they didn't exclude the web configuration
for the management security in the parent context.

Fixes gh-244
2014-03-03 12:22:36 +00:00
Rob Winch
6b0eba3759 Update to Spring Security 3.2.1
Also change strategy for defaulting of Authentication. Spring
Boot authentication defaults are now encapsulated and can easily
be overridden by a user defined AuthenticationManager.
2014-03-03 12:21:37 +00:00
Dave Syer
13e040c06e Add ErrorWrapperEmbeddedServletContainerFactory for error pages in WARs
Error pages are a feature of the servlet spec but there is no Java API for
registering them in the spec. This filter works around that by accepting error page
registrations from Spring Boot's EmbeddedServletContainerCustomizer (any beans
of that type in the context will be applied to this container).

In addition the ErrorController interface was enhanced to provide callers
the option to suppress logging.

Fixes gh-410
2014-03-03 09:52:40 +00:00
Dave Syer
82f49abeba Expose setter for Map store in InMemoryMetricRepository
User can then use a weak reference map (for instance), if worried
about memory usage.
2014-02-26 17:07:31 +00:00
Phillip Webb
083cb388c0 Upgrade to Spring Security 3.2.1
Fixes gh-392
2014-02-24 21:54:33 -08:00
Phillip Webb
cf23b519d2 Polish 2014-02-24 13:43:54 -08:00
Dave Syer
08d8cb8efd Add /mappings endpoint
Lists AbstractUrlMappings and AbstractHandlerMethodMappings
in a loose Map structure. E.g.

{
  "/**/favicon.ico": {
    "bean": "faviconHandlerMapping"
  },
  "/**": {
    "bean": "resourceHandlerMapping"
  },
  "/webjars/**": {
    "bean": "resourceHandlerMapping"
  },
  "{[/error],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}":
     {
       "bean": "requestMappingHandlerMapping",
       "method": "public java.util.Map<java.lang.String, java.lang.Object> org.springframework.boot.actuate.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)"
...
}

Fixes gh-378
2014-02-24 13:34:07 +00:00
Dave Syer
d98bfdea37 Make sure metricsExecutor is shutdown cleanly
The default executor for publishing metrics was a single
thread (native JDK) ExecutorService with a non-daemon thread.
Changed it to a Spring-managed thread pool of size 1, which
is then shutdown with e ApplicationContext automatically.

Fixes gh-388
2014-02-24 11:32:27 +00:00
Dave Syer
b2b487ee5f Add ServletRegistrationBean for DispatcherServlet
Mapping is exposed via server.servletPath.

Fixes gh-379
2014-02-20 09:49:24 +00:00
Dave Syer
0aa3b00fdf Ensure shutdown endpoint is disabled by default
Fixes gh-377
2014-02-20 08:36:18 +00:00
Phillip Webb
b69c659d8f Polish 2014-02-18 21:58:09 -08:00
Dave Syer
f888567c1d Be defensive about Spring Security dependencies
In particular don't assume that Spring Security Web is on the
classpath, just because Spring Security Core is.

Fixes gh-363
2014-02-17 18:08:23 +00:00
Christian Dupuis
af75dd0e40 Move remaining properties for consistency 2014-02-06 14:50:35 +01:00
Phillip Webb
ed9735361e Apply source cleanup and formatting 2014-02-05 22:53:28 -08:00
Phillip Webb
80f2336f17 Polish 2014-02-05 22:31:56 -08:00
Phillip Webb
8763fab0e7 Extract inner configuration property classes
Extract all inner @ConfigurationProperties classes from @Configuration
classes for consistency.
2014-02-05 18:12:41 -08:00
Phillip Webb
37c2c89bcb Restructure packages
Improve package structure and attempt to co-locate related classes.
2014-02-05 14:39:01 -08:00
Phillip Webb
31c385470e Update ErrorMvcAutoConfiguration for Spring 4
Update ErrorMvcAutoConfiguration thymeleaf condition to use the
`spring4` package.

Fixes gh-310
2014-02-04 12:29:40 -08:00
Phillip Webb
676cacd308 Use '-1' to disable management port
Update `EndpointWebMvcAutoConfiguration` to use '-1' to indicate that
the management context should be disabled. This brings consistency
between the server settings and the management settings and allows '0'
to be used to pick a random port.

Fixed gh-311
2014-02-04 12:03:29 -08:00
Phillip Webb
f7d4490b2d Fix package tangle with AutoConfigurationReport
Rename AutoConfigurationReport to ConditionEvaluationReport and
co-locate with conditions.
2014-02-03 17:25:50 -08:00
Christian Dupuis
5e2cfe1cfe Add some javadoc. Fix typos. 2014-02-03 09:55:46 +01:00
Phillip Webb
6431fef91e Polish 2014-01-31 22:51:41 -08:00
Christian Dupuis
3911ce3e29 Filter out CGLIB generated bean properties from configuration properties report 2014-01-31 12:16:17 +01:00
Christian Dupuis
6519ee0171 Change order of properties in endpoint mbean objectNames to make display in jconsole nicer 2014-01-31 12:16:17 +01:00
Dave Syer
2bd6026a2a Exclude null and empty properties from /autoconfig 2014-01-30 10:37:22 +00:00
Christian Dupuis
5cf2387e58 Append context id to objectName of Endpoint MBeans if name already exists in MBeanServer 2014-01-29 21:06:32 +01:00
Dave Syer
4d608f20e9 Support for AuthenticationManagerBuilder injection into user code
Spring Boot provides a default AuthenticatiomManager for getting
started quickly with security and never exposing insecure
endpoints. To override that feature as users move to the next
stage in their project, they may have to do something slightly
different depending on whether it is a webapp or not.

In any app (web or not), providing a @Bean of type
AuthenticationManager always works, but you don't get the benefit of
the builder features.

In a webapp the user can also extend WebSecurityConfigurerAdapter
to provides a custom AuthenticationManager, and the preferred
way of doing that is via a void method that is autowired with an
AuthenticationManagerBuilder. The default AuthenticationManager is
built in a configurer with @Order(LOWEST_PRECEDENCE - 3) so
to override it the user's confugrer must have higher precedence
(lower @Order).

@EnableGlobalMethodSecurity can also be used in a non-webapp, and
Spring Boot will still provide a default AuthenticationManager.
To override it the user has to either extend
GlobalMethodSecurityConfiguration or provide a @Bean of type
AuthenticationManager (there's no other way to
capture the AuthenticationManagerBuilder that doesn't happen too late
in the beans lifecyle).

Fixes gh-244
2014-01-29 15:47:46 +00:00
Christian Dupuis
07238b1ce8 Restructure /configprops output
/configprops output now contains the prefix from @ConfigurationProperties as wells as bean name and actual properties

fixes #267
2014-01-28 14:42:00 +01:00
Christian Dupuis
7681d0841f Add missing bean property getters 2014-01-28 14:42:00 +01:00
Christian Dupuis
efe8494f46 Remove hard coded bean names for couple of @ConfigurationProperties beans 2014-01-28 14:42:00 +01:00
Dave Syer
5a7d89c9a9 Look in parent context for Endpoints to expose
Fixes gh-275
2014-01-28 07:08:46 +00:00
Dave Syer
2d54b54d81 Listen for parent close events and close child context
If the context hierarchy is from a SpringApplication we can control
the shutdown semantics a bit. Specifically we need a listener in the child context
that will shut it down when the parent closes (since assummably the child relies
on beans in the arent that may now be disposed).

Fixes gh-275
2014-01-28 07:08:38 +00:00
Phillip Webb
e545e5aa32 Polish 2014-01-23 22:01:47 -08:00
Dave Syer
195eb9f9bc Updates to redis repositories
* Ensure prefix ends with period
* Allow prefix and key index to be set separately
2014-01-23 10:21:31 +00:00
Dave Syer
a2f70c6f4f Add javadocs to some Metrics interfaces
Fixes gh-250
2014-01-22 09:53:52 +00:00
Phillip Webb
43e54d38f7 Make fields private where possible 2014-01-21 16:29:07 -08:00
Phillip Webb
0160760568 Apply latest eclipse cleanup rules 2014-01-21 16:28:26 -08:00
Phillip Webb
ac54d7fe3c Final polish before 1.0.0.RC1 2014-01-21 16:28:17 -08:00
Phillip Webb
cdda330acd Update copyright header for files changed in 2014 2014-01-21 10:27:10 -08:00
Phillip Webb
e38f10d7a6 Upgrade CRaSH shell to 1.3.0-beta14 2014-01-20 22:18:28 -08:00
Dave Syer
8db1d0e044 Fix some TODOs 2014-01-19 16:00:10 +00:00
Phillip Webb
0a6074be6f Fix failing test due to cache timeout property
Related to gh-232
2014-01-18 11:51:14 -08:00
Phillip Webb
47da8a817a Polish 2014-01-10 13:06:54 -08:00