Commit Graph

20 Commits

Author SHA1 Message Date
Phillip Webb
aca67066bf Rename RestTemplates to TestRestTemplate
Rename the RestTemplates to TestRestTemplate to help indicate that it's
primarily intended for testing. Also now extend RestTemplate to allow
direct use, rather than via factory methods.

Fixes gh-599
2014-03-27 11:22:03 -07:00
Phillip Webb
d117a6b22b Polish 2014-03-27 11:21:51 -07:00
Dave Syer
71c2c69c92 Return actual status code not 200 to machine client
Machine clients are much more fussy than browsers and we
should take care to preserve the HTTP status for them.

Fixes gh-596
2014-03-27 17:23:47 +00:00
Phillip Webb
80ac1fb0cd Polish 2014-03-15 13:02:01 -07:00
Dave Syer
7a285cf65d Convert all sample tests to @IntegrationTest where appropriate
Makes them a lot more readable IMO, and also enables @Autowiring
from the context into the test case (sweeet). I added @DirtiesContext
to all of them as well to be on the safe side, but possbly that can be
optimized in some way as well.
2014-03-11 13:54:30 +00:00
Dave Syer
6657e3ef84 More care taken with management.contextPath
The management.contextPath property should now be respected in a
secure application, whether or not the management.port is different.

Added some test cases in the sample to verify.

Fixes gh-469
2014-03-10 16:28:13 +00:00
Phillip Webb
0160760568 Apply latest eclipse cleanup rules 2014-01-21 16:28:26 -08:00
Dave Syer
f448e79f29 Remove long package names from samples
Long package names are really unnecessary in samples and they
just clutter things up. Also Spring Loaded doesn't work with
org.sfw packages, so to demo that technology you need a
different package name.
2013-12-31 08:40:26 +00:00
Dave Syer
ab4dec58ef Rename packages in samples 2013-12-18 20:05:33 -08:00
Dave Syer
bcae284dd9 Add a shim Endpoint if management context is child
When management endpoints are on a different port the HandlerMappings
are restricted to a single EndpointHandlerMapping, so the error
controller (which is a normal @Controller with @RequestMappings) does
not get mapped.

Fixed by addinga shim Endpoint on "/error" that delegates to the
ErrorController (which interface picks up an extra method).
2013-12-05 09:56:00 +00:00
Dave Syer
bd26b28aa5 Extract actuator security into separate classes
So spring-security + a web app is secure by default
(you don't need the actuator).
2013-11-21 16:47:29 +00:00
Phillip Webb
64f32893bb Source format and clean-up 2013-11-16 00:08:18 -08:00
Phillip Webb
883fd9162f Polish 2013-11-16 00:08:17 -08:00
Dave Syer
63a2d06767 Explicitly disable security on management endpoints if requested
Previously the management endpoint filter was applied to all requests
if the user had disabled security.management.enabled, but since it
had no security applied it was letting all requests through.

The fix was to explicitly exclude the whole enclosing configuration
and carefully ignore the management endpoints in the normal security
chain.

Fixes gh-100.
2013-10-31 18:46:39 +00:00
Dave Syer
0498617411 Disable whitelabel view if Thymeleaf error.html detected 2013-10-23 10:48:14 -04:00
Dave Syer
f7fa63bcb4 Add status and error messages to /trace
[Fixes #57949108] [bs-323] Make sure /trace shows error responses
2013-10-01 14:48:07 -04:00
Dave Syer
1e0e2e7102 Switch off CSRF filter
Might need to revisit later.
2013-09-05 17:14:12 -07:00
Dave Syer
43fc107437 Fix security config
The management endpoints were still all mixed up
with the user endpoints. Fixed that and extracted
user endpoints in to conditional block so not
protected if path explicitly set to empty string.

[#53029715]
2013-09-05 17:14:11 -07:00
Dave Syer
621116c9b8 ManagementServerConfiguration security
Management endpoints are still secure by default if
Spring Security is present, but now the default
user details have an ADMIN role, and a random password
(which is logged at INFO level if not overridden).

To override you add management.user.password (name, role)
to external properties.

[Fixes #53029715] [bs-203]
2013-09-05 17:14:10 -07:00
Dave Syer
5995b7727a Ops -> Actuator 2013-07-31 09:46:34 +01:00