Merge branch '2.0.x'

5d0e812a · Stephane Nicoll · d445ed75 · 1b10d3fc · 5d0e812a · 5d0e812a
Commit 5d0e812a authored Oct 04, 2018 by Stephane Nicoll
8 changed files
--- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
+++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
@@ -297,6 +297,68 @@
        "level": "error"
      }
    },
+    {
+      "name": "management.server.ssl.ciphers",
+      "description": "Supported SSL ciphers."
+    },
+    {
+      "name": "management.server.ssl.client-auth",
+      "description": "Whether client authentication is wanted (\"want\") or needed (\"need\"). Requires a trust store."
+    },
+    {
+      "name": "management.server.ssl.enabled",
+      "description": "Whether to enable SSL support.",
+      "defaultValue": true
+    },
+    {
+      "name": "management.server.ssl.enabled-protocols",
+      "description": "Enabled SSL protocols."
+    },
+    {
+      "name": "management.server.ssl.key-alias",
+      "description": "Alias that identifies the key in the key store."
+    },
+    {
+      "name": "management.server.ssl.key-password",
+      "description": "Password used to access the key in the key store."
+    },
+    {
+      "name": "management.server.ssl.key-store",
+      "description": "Path to the key store that holds the SSL certificate (typically a jks file)."
+    },
+    {
+      "name": "management.server.ssl.key-store-password",
+      "description": "Password used to access the key store."
+    },
+    {
+      "name": "management.server.ssl.key-store-provider",
+      "description": "Provider for the key store."
+    },
+    {
+      "name": "management.server.ssl.key-store-type",
+      "description": "Type of the key store."
+    },
+    {
+      "name": "management.server.ssl.protocol",
+      "description": "SSL protocol to use.",
+      "defaultValue":  "TLS"
+    },
+    {
+      "name": "management.server.ssl.trust-store",
+      "description": "Trust store that holds SSL certificates."
+    },
+    {
+      "name": "management.server.ssl.trust-store-password",
+      "description": "Password used to access the trust store."
+    },
+    {
+      "name": "management.server.ssl.trust-store-provider",
+      "description": "Provider for the trust store."
+    },
+    {
+      "name": "management.server.ssl.trust-store-type",
+      "description": "Type of the trust store."
+    },
    {
      "name": "management.trace.http.enabled",
      "type": "java.lang.Boolean",

--- a/spring-boot-project/spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
@@ -29,20 +29,169 @@
        "level": "error"
      }
    },
+    {
+      "name": "server.compression.enabled",
+      "description": "Whether response compression is enabled.",
+      "defaultValue": false
+    },
+    {
+      "name": "server.compression.excluded-user-agents",
+      "description": "Comma-separated list of user agents for which responses should not be compressed."
+    },
+    {
+      "name": "server.compression.mime-types",
+      "description": "Comma-separated list of MIME types that should be compressed.",
+      "defaultValue": [
+        "text/html",
+        "text/xml",
+        "text/plain",
+        "text/css",
+        "text/javascript",
+        "application/javascript",
+        "application/json",
+        "application/xml"
+      ]
+    },
    {
      "name": "server.compression.min-response-size",
      "description": "Minimum \"Content-Length\" value that is required for compression to be performed.",
-      "type": "org.springframework.util.unit.DataSize",
      "defaultValue": "2KB"
    },
    {
      "name": "server.error.include-stacktrace",
      "defaultValue": "never"
    },
+    {
+      "name": "server.http2.enabled",
+      "description": "Whether to enable HTTP/2 support, if the current environment supports it.",
+      "defaultValue": false
+    },
    {
      "name": "server.port",
      "defaultValue": 8080
    },
+    {
+      "name": "server.servlet.jsp.class-name",
+      "description": "Class name of the servlet to use for JSPs. If registered is true and this class\n\t * is on the classpath then it will be registered.",
+      "defaultValue": "org.apache.jasper.servlet.JspServlet"
+    },
+    {
+      "name": "server.servlet.jsp.init-parameters",
+      "description": "Init parameters used to configure the JSP servlet."
+    },
+    {
+      "name": "server.servlet.jsp.registered",
+      "description": "Whether the JSP servlet is registered.",
+      "defaultValue": true
+    },
+    {
+      "name": "server.servlet.session.cookie.comment",
+      "description": "Comment for the session cookie."
+    },
+    {
+      "name": "server.servlet.session.cookie.domain",
+      "description": " Domain for the session cookie."
+    },
+    {
+      "name": "server.servlet.session.cookie.http-only",
+      "description": "Whether to use \"HttpOnly\" cookies for session cookies."
+    },
+    {
+      "name": "server.servlet.session.cookie.max-age",
+      "description": "Maximum age of the session cookie. If a duration suffix is not specified, seconds will be used."
+    },
+    {
+      "name": "server.servlet.session.cookie.name",
+      "description": "Session cookie name."
+    },
+    {
+      "name": "server.servlet.session.cookie.path",
+      "description": "Path of the session cookie."
+    },
+    {
+      "name": "server.servlet.session.cookie.secure",
+      "description": "Whether to always mark the session cookie as secure."
+    },
+    {
+      "name": "server.servlet.session.persistent",
+      "description": "Whether to persist session data between restarts.",
+      "defaultValue": false
+    },
+    {
+      "name": "server.servlet.session.store-dir",
+      "description": "Directory used to store session data."
+    },
+    {
+      "name": "server.servlet.session.timeout",
+      "description": "Session timeout. If a duration suffix is not specified, seconds will be used.",
+      "defaultValue": "30m"
+    },
+    {
+      "name": "server.servlet.session.tracking-modes",
+      "description": "Session tracking modes."
+    },
+    {
+      "name": "server.ssl.ciphers",
+      "description": "Supported SSL ciphers."
+    },
+    {
+      "name": "server.ssl.client-auth",
+      "description": "Whether client authentication is wanted (\"want\") or needed (\"need\"). Requires a trust store."
+    },
+    {
+      "name": "server.ssl.enabled",
+      "description": "Whether to enable SSL support.",
+      "defaultValue": true
+    },
+    {
+      "name": "server.ssl.enabled-protocols",
+      "description": "Enabled SSL protocols."
+    },
+    {
+      "name": "server.ssl.key-alias",
+      "description": "Alias that identifies the key in the key store."
+    },
+    {
+      "name": "server.ssl.key-password",
+      "description": "Password used to access the key in the key store."
+    },
+    {
+      "name": "server.ssl.key-store",
+      "description": "Path to the key store that holds the SSL certificate (typically a jks file)."
+    },
+    {
+      "name": "server.ssl.key-store-password",
+      "description": "Password used to access the key store."
+    },
+    {
+      "name": "server.ssl.key-store-provider",
+      "description": "Provider for the key store."
+    },
+    {
+      "name": "server.ssl.key-store-type",
+      "description": "Type of the key store."
+    },
+    {
+      "name": "server.ssl.protocol",
+      "description": "SSL protocol to use.",
+      "defaultValue":  "TLS"
+    },
+    {
+      "name": "server.ssl.trust-store",
+      "description": "Trust store that holds SSL certificates."
+    },
+    {
+      "name": "server.ssl.trust-store-password",
+      "description": "Password used to access the trust store."
+    },
+    {
+      "name": "server.ssl.trust-store-provider",
+      "description": "Provider for the trust store."
+    },
+    {
+      "name": "server.ssl.trust-store-type",
+      "description": "Type of the trust store."
+    },
    {
      "name": "spring.aop.auto",
      "type": "java.lang.Boolean",

--- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
+++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
@@ -185,7 +185,7 @@ content into your application. Rather, pick only the properties that you need.
 	# EMBEDDED SERVER CONFIGURATION ({sc-spring-boot-autoconfigure}/web/ServerProperties.{sc-ext}[ServerProperties])
 	server.address= # Network address to which the server should bind.
 	server.compression.enabled=false # Whether response compression is enabled.
-	server.compression.excluded-user-agents= # List of user-agents to exclude from compression.
+	server.compression.excluded-user-agents= # Comma-separated list of user agents for which responses should not be compressed.
 	server.compression.mime-types=text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json,application/xml # Comma-separated list of MIME types that should be compressed.
 	server.compression.min-response-size=2KB # Minimum "Content-Length" value that is required for compression to be performed.
 	server.connection-timeout= # Time that connectors wait for another HTTP request before closing the connection. When not set, the connector's container-specific default is used. Use a value of -1 to indicate no (that is, an infinite) timeout.
@@ -216,23 +216,23 @@ content into your application. Rather, pick only the properties that you need.
 	server.servlet.context-parameters.*= # Servlet context init parameters.
 	server.servlet.context-path= # Context path of the application.
 	server.servlet.application-display-name=application # Display name of the application.
-	server.servlet.jsp.class-name=org.apache.jasper.servlet.JspServlet # The class name of the JSP servlet.
+	server.servlet.jsp.class-name=org.apache.jasper.servlet.JspServlet # Class name of the servlet to use for JSPs.
 	server.servlet.jsp.init-parameters.*= # Init parameters used to configure the JSP servlet.
 	server.servlet.jsp.registered=true # Whether the JSP servlet is registered.
 	server.servlet.session.cookie.comment= # Comment for the session cookie.
 	server.servlet.session.cookie.domain= # Domain for the session cookie.
-	server.servlet.session.cookie.http-only= # "HttpOnly" flag for the session cookie.
+	server.servlet.session.cookie.http-only= # Whether to use "HttpOnly" cookies for session cookies.
 	server.servlet.session.cookie.max-age= # Maximum age of the session cookie. If a duration suffix is not specified, seconds will be used.
 	server.servlet.session.cookie.name= # Session cookie name.
 	server.servlet.session.cookie.path= # Path of the session cookie.
-	server.servlet.session.cookie.secure= # "Secure" flag for the session cookie.
+	server.servlet.session.cookie.secure= # Whether to always mark the session cookie as secure.
 	server.servlet.session.persistent=false # Whether to persist session data between restarts.
 	server.servlet.session.store-dir= # Directory used to store session data.
-	server.servlet.session.timeout= # Session timeout. If a duration suffix is not specified, seconds will be used.
-	server.servlet.session.tracking-modes= # Session tracking modes (one or more of the following: "cookie", "url", "ssl").
+	server.servlet.session.timeout=30m # Session timeout. If a duration suffix is not specified, seconds will be used.
+	server.servlet.session.tracking-modes= # Session tracking modes.
 	server.ssl.ciphers= # Supported SSL ciphers.
 	server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store.
-	server.ssl.enabled= # Enable SSL support.
+	server.ssl.enabled=true # Whether to enable SSL support.
 	server.ssl.enabled-protocols= # Enabled SSL protocols.
 	server.ssl.key-alias= # Alias that identifies the key in the key store.
 	server.ssl.key-password= # Password used to access the key in the key store.
@@ -1204,21 +1204,21 @@ content into your application. Rather, pick only the properties that you need.
 	management.server.address= # Network address to which the management endpoints should bind. Requires a custom management.server.port.
 	management.server.port= # Management endpoint HTTP port (uses the same port as the application by default). Configure a different port to use management-specific SSL.
 	management.server.servlet.context-path= # Management endpoint context-path (for instance, `/management`). Requires a custom management.server.port.
-	management.server.ssl.ciphers= # Supported SSL ciphers. Requires a custom management.port.
-	management.server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. Requires a custom management.server.port.
-	management.server.ssl.enabled= # Whether to enable SSL support. Requires a custom management.server.port.
-	management.server.ssl.enabled-protocols= # Enabled SSL protocols. Requires a custom management.server.port.
-	management.server.ssl.key-alias= # Alias that identifies the key in the key store. Requires a custom management.server.port.
-	management.server.ssl.key-password= # Password used to access the key in the key store. Requires a custom management.server.port.
-	management.server.ssl.key-store= # Path to the key store that holds the SSL certificate (typically a jks file). Requires a custom management.server.port.
-	management.server.ssl.key-store-password= # Password used to access the key store. Requires a custom management.server.port.
-	management.server.ssl.key-store-provider= # Provider for the key store. Requires a custom management.server.port.
-	management.server.ssl.key-store-type= # Type of the key store. Requires a custom management.server.port.
-	management.server.ssl.protocol=TLS # SSL protocol to use. Requires a custom management.server.port.
-	management.server.ssl.trust-store= # Trust store that holds SSL certificates. Requires a custom management.server.port.
-	management.server.ssl.trust-store-password= # Password used to access the trust store. Requires a custom management.server.port.
-	management.server.ssl.trust-store-provider= # Provider for the trust store. Requires a custom management.server.port.
-	management.server.ssl.trust-store-type= # Type of the trust store. Requires a custom management.server.port.
+	management.server.ssl.ciphers= # Supported SSL ciphers.
+	management.server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store.
+	management.server.ssl.enabled=true # Whether to enable SSL support.
+	management.server.ssl.enabled-protocols= # Enabled SSL protocols.
+	management.server.ssl.key-alias= # Alias that identifies the key in the key store.
+	management.server.ssl.key-password= # Password used to access the key in the key store.
+	management.server.ssl.key-store= # Path to the key store that holds the SSL certificate (typically a jks file).
+	management.server.ssl.key-store-password= # Password used to access the key store.
+	management.server.ssl.key-store-provider= # Provider for the key store.
+	management.server.ssl.key-store-type= # Type of the key store.
+	management.server.ssl.protocol=TLS # SSL protocol to use.
+	management.server.ssl.trust-store= # Trust store that holds SSL certificates.
+	management.server.ssl.trust-store-password= # Password used to access the trust store.
+	management.server.ssl.trust-store-provider= # Provider for the trust store.
+	management.server.ssl.trust-store-type= # Type of the trust store.

 	# CLOUDFOUNDRY
 	management.cloudfoundry.enabled=true # Whether to enable extended Cloud Foundry actuator endpoints.

--- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/server/Compression.java
+++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/server/Compression.java
@@ -23,32 +23,25 @@ import org.springframework.util.unit.DataSize;
 *
 * @author Ivan Sopov
 * @author Andy Wilkinson
+ * @author Stephane Nicoll
 * @since 2.0.0
 */
 public class Compression {

-	/**
-	 * Whether response compression is enabled.
-	 */
 	private boolean enabled = false;

-	/**
-	 * Comma-separated list of MIME types that should be compressed.
-	 */
 	private String[] mimeTypes = new String[] { "text/html", "text/xml", "text/plain",
 			"text/css", "text/javascript", "application/javascript", "application/json",
 			"application/xml" };

-	/**
-	 * Comma-separated list of user agents for which responses should not be compressed.
-	 */
 	private String[] excludedUserAgents = null;

-	/**
-	 * Minimum "Content-Length" value that is required for compression to be performed.
-	 */
 	private DataSize minResponseSize = DataSize.ofKilobytes(2);

+	/**
+	 * Return whether response compression is enabled.
+	 * @return {@code true} if response compression is enabled
+	 */
 	public boolean getEnabled() {
 		return this.enabled;
 	}
@@ -57,6 +50,10 @@ public class Compression {
 		this.enabled = enabled;
 	}

+	/**
+	 * Return the MIME types that should be compressed.
+	 * @return the MIME types that should be compressed
+	 */
 	public String[] getMimeTypes() {
 		return this.mimeTypes;
 	}
@@ -65,14 +62,6 @@ public class Compression {
 		this.mimeTypes = mimeTypes;
 	}

-	public DataSize getMinResponseSize() {
-		return this.minResponseSize;
-	}
-
-	public void setMinResponseSize(DataSize minSize) {
-		this.minResponseSize = minSize;
-	}
-
 	public String[] getExcludedUserAgents() {
 		return this.excludedUserAgents;
 	}
@@ -81,4 +70,17 @@ public class Compression {
 		this.excludedUserAgents = excludedUserAgents;
 	}

+	/**
+	 * Return the minimum "Content-Length" value that is required for compression to be
+	 * performed.
+	 * @return the minimum content size in bytes that is required for compression
+	 */
+	public DataSize getMinResponseSize() {
+		return this.minResponseSize;
+	}
+
+	public void setMinResponseSize(DataSize minSize) {
+		this.minResponseSize = minSize;
+	}
+
 }
--- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/server/Http2.java
+++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/server/Http2.java
@@ -24,11 +24,12 @@ package org.springframework.boot.web.server;
 */
 public class Http2 {

-	/**
-	 * Whether to enable HTTP/2 support, if the current environment supports it.
-	 */
 	private boolean enabled = false;

+	/**
+	 * Return whether to enable HTTP/2 support, if the current environment supports it.
+	 * @return {@code true} to enable HTTP/2 support
+	 */
 	public boolean isEnabled() {
 		return this.enabled;
 	}

--- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/server/Ssl.java
+++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/server/Ssl.java
 /*
- * Copyright 2012-2017 the original author or authors.
+ * Copyright 2012-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -21,86 +21,45 @@ package org.springframework.boot.web.server;
 *
 * @author Andy Wilkinson
 * @author Vladimir Tsanev
+ * @author Stephane Nicoll
 * @since 2.0.0
 */
 public class Ssl {

-	/**
-	 * Whether to enable SSL support.
-	 */
 	private boolean enabled = true;

-	/**
-	 * Whether client authentication is wanted ("want") or needed ("need"). Requires a
-	 * trust store.
-	 */
 	private ClientAuth clientAuth;

-	/**
-	 * Supported SSL ciphers.
-	 */
 	private String[] ciphers;

-	/**
-	 * Enabled SSL protocols.
-	 */
 	private String[] enabledProtocols;

-	/**
-	 * Alias that identifies the key in the key store.
-	 */
 	private String keyAlias;

-	/**
-	 * Password used to access the key in the key store.
-	 */
 	private String keyPassword;

-	/**
-	 * Path to the key store that holds the SSL certificate (typically a jks file).
-	 */
 	private String keyStore;

-	/**
-	 * Password used to access the key store.
-	 */
 	private String keyStorePassword;

-	/**
-	 * Type of the key store.
-	 */
 	private String keyStoreType;

-	/**
-	 * Provider for the key store.
-	 */
 	private String keyStoreProvider;

-	/**
-	 * Trust store that holds SSL certificates.
-	 */
 	private String trustStore;

-	/**
-	 * Password used to access the trust store.
-	 */
 	private String trustStorePassword;

-	/**
-	 * Type of the trust store.
-	 */
 	private String trustStoreType;

-	/**
-	 * Provider for the trust store.
-	 */
 	private String trustStoreProvider;

-	/**
-	 * SSL protocol to use.
-	 */
 	private String protocol = "TLS";

+	/**
+	 * Return whether to enable SSL support.
+	 * @return whether to enable SSL support
+	 */
 	public boolean isEnabled() {
 		return this.enabled;
 	}
@@ -109,6 +68,11 @@ public class Ssl {
 		this.enabled = enabled;
 	}

+	/**
+	 * Return Whether client authentication is wanted ("want") or needed ("need").
+	 * Requires a trust store.
+	 * @return the {@link ClientAuth} to use
+	 */
 	public ClientAuth getClientAuth() {
 		return this.clientAuth;
 	}
@@ -117,6 +81,10 @@ public class Ssl {
 		this.clientAuth = clientAuth;
 	}

+	/**
+	 * Return the supported SSL ciphers.
+	 * @return the supported SSL ciphers
+	 */
 	public String[] getCiphers() {
 		return this.ciphers;
 	}
@@ -125,6 +93,22 @@ public class Ssl {
 		this.ciphers = ciphers;
 	}

+	/**
+	 * Return the enabled SSL protocols.
+	 * @return the enabled SSL protocols.
+	 */
+	public String[] getEnabledProtocols() {
+		return this.enabledProtocols;
+	}
+
+	public void setEnabledProtocols(String[] enabledProtocols) {
+		this.enabledProtocols = enabledProtocols;
+	}
+
+	/**
+	 * Return the alias that identifies the key in the key store.
+	 * @return the key alias
+	 */
 	public String getKeyAlias() {
 		return this.keyAlias;
 	}
@@ -133,6 +117,10 @@ public class Ssl {
 		this.keyAlias = keyAlias;
 	}

+	/**
+	 * Return the password used to access the key in the key store.
+	 * @return the key password
+	 */
 	public String getKeyPassword() {
 		return this.keyPassword;
 	}
@@ -141,6 +129,11 @@ public class Ssl {
 		this.keyPassword = keyPassword;
 	}

+	/**
+	 * Return the path to the key store that holds the SSL certificate (typically a jks
+	 * file).
+	 * @return the path to the key store
+	 */
 	public String getKeyStore() {
 		return this.keyStore;
 	}
@@ -149,6 +142,10 @@ public class Ssl {
 		this.keyStore = keyStore;
 	}

+	/**
+	 * Return the password used to access the key store.
+	 * @return the key store password
+	 */
 	public String getKeyStorePassword() {
 		return this.keyStorePassword;
 	}
@@ -157,6 +154,10 @@ public class Ssl {
 		this.keyStorePassword = keyStorePassword;
 	}

+	/**
+	 * Return the type of the key store.
+	 * @return the key store type
+	 */
 	public String getKeyStoreType() {
 		return this.keyStoreType;
 	}
@@ -165,6 +166,10 @@ public class Ssl {
 		this.keyStoreType = keyStoreType;
 	}

+	/**
+	 * Return the provider for the key store.
+	 * @return the key store provider
+	 */
 	public String getKeyStoreProvider() {
 		return this.keyStoreProvider;
 	}
@@ -173,14 +178,10 @@ public class Ssl {
 		this.keyStoreProvider = keyStoreProvider;
 	}

-	public String[] getEnabledProtocols() {
-		return this.enabledProtocols;
-	}
-
-	public void setEnabledProtocols(String[] enabledProtocols) {
-		this.enabledProtocols = enabledProtocols;
-	}
-
+	/**
+	 * Return the trust store that holds SSL certificates.
+	 * @return the trust store
+	 */
 	public String getTrustStore() {
 		return this.trustStore;
 	}
@@ -189,6 +190,10 @@ public class Ssl {
 		this.trustStore = trustStore;
 	}

+	/**
+	 * Return the password used to access the trust store.
+	 * @return the trust store password
+	 */
 	public String getTrustStorePassword() {
 		return this.trustStorePassword;
 	}
@@ -197,6 +202,10 @@ public class Ssl {
 		this.trustStorePassword = trustStorePassword;
 	}

+	/**
+	 * Return the type of the trust store.
+	 * @return the trust store type
+	 */
 	public String getTrustStoreType() {
 		return this.trustStoreType;
 	}
@@ -205,6 +214,10 @@ public class Ssl {
 		this.trustStoreType = trustStoreType;
 	}

+	/**
+	 * Return the provider for the trust store.
+	 * @return the trust store provider
+	 */
 	public String getTrustStoreProvider() {
 		return this.trustStoreProvider;
 	}
@@ -213,6 +226,10 @@ public class Ssl {
 		this.trustStoreProvider = trustStoreProvider;
 	}

+	/**
+	 * Return the SSL protocol to use.
+	 * @return the SSL protocol
+	 */
 	public String getProtocol() {
 		return this.protocol;
 	}

--- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/server/Jsp.java
+++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/server/Jsp.java
 /*
- * Copyright 2012-2017 the original author or authors.
+ * Copyright 2012-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -23,21 +23,17 @@ import java.util.Map;
 * Configuration for the server's JSP servlet.
 *
 * @author Andy Wilkinson
+ * @author Stephane Nicoll
 * @since 2.0.0
 */
 public class Jsp {

 	/**
-	 * The class name of the servlet to use for JSPs. If registered is true and this class
-	 * is on the classpath then it will be registered. Since both Tomcat and Jetty use
-	 * Jasper for their JSP implementation the default is
-	 * org.apache.jasper.servlet.JspServlet.
+	 * Class name of the servlet to use for JSPs. If registered is true and this class is
+	 * on the classpath then it will be registered.
 	 */
 	private String className = "org.apache.jasper.servlet.JspServlet";

-	/**
-	 * Init parameters used to configure the JSP servlet.
-	 */
 	private Map<String, String> initParameters = new HashMap<>();

 	/**
@@ -49,6 +45,12 @@ public class Jsp {
 		this.initParameters.put("development", "false");
 	}

+	/**
+	 * Return the class name of the servlet to use for JSPs. If {@link #getRegistered()
+	 * registered} is {@code true} and this class is on the classpath then it will be
+	 * registered.
+	 * @return the class name of the servlet to use for JSPs
+	 */
 	public String getClassName() {
 		return this.className;
 	}
@@ -57,6 +59,10 @@ public class Jsp {
 		this.className = className;
 	}

+	/**
+	 * Return the init parameters used to configure the JSP servlet.
+	 * @return the init parameters
+	 */
 	public Map<String, String> getInitParameters() {
 		return this.initParameters;
 	}
@@ -65,6 +71,10 @@ public class Jsp {
 		this.initParameters = initParameters;
 	}

+	/**
+	 * Return whether the JSP servlet is registered.
+	 * @return {@code true} to register the JSP servlet
+	 */
 	public boolean getRegistered() {
 		return this.registered;
 	}

--- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/server/Session.java
+++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/server/Session.java
@@ -31,20 +31,11 @@ import org.springframework.boot.convert.DurationUnit;
 */
 public class Session {

-	/**
-	 * Session timeout. If a duration suffix is not specified, seconds will be used.
-	 */
 	@DurationUnit(ChronoUnit.SECONDS)
 	private Duration timeout = Duration.ofMinutes(30);

-	/**
-	 * Session tracking modes (one or more of the following: "cookie", "url", "ssl").
-	 */
 	private Set<Session.SessionTrackingMode> trackingModes;

-	/**
-	 * Whether to persist session data between restarts.
-	 */
 	private boolean persistent;

 	/**
@@ -68,6 +59,10 @@ public class Session {
 		this.timeout = timeout;
 	}

+	/**
+	 * Return the {@link SessionTrackingMode session tracking modes}.
+	 * @return the session tracking modes
+	 */
 	public Set<Session.SessionTrackingMode> getTrackingModes() {
 		return this.trackingModes;
 	}
@@ -76,6 +71,10 @@ public class Session {
 		this.trackingModes = trackingModes;
 	}

+	/**
+	 * Return whether to persist session data between restarts.
+	 * @return {@code true} to persist session data between restarts.
+	 */
 	public boolean isPersistent() {
 		return this.persistent;
 	}
@@ -84,6 +83,10 @@ public class Session {
 		this.persistent = persistent;
 	}

+	/**
+	 * Return the directory used to store session data.
+	 * @return the session data store directory
+	 */
 	public File getStoreDir() {
 		return this.storeDir;
 	}
@@ -102,42 +105,25 @@ public class Session {
 	 */
 	public static class Cookie {

-		/**
-		 * Session cookie name.
-		 */
 		private String name;

-		/**
-		 * Domain for the session cookie.
-		 */
 		private String domain;

-		/**
-		 * Path of the session cookie.
-		 */
 		private String path;

-		/**
-		 * Comment for the session cookie.
-		 */
 		private String comment;

-		/**
-		 * "HttpOnly" flag for the session cookie.
-		 */
 		private Boolean httpOnly;

-		/**
-		 * "Secure" flag for the session cookie.
-		 */
 		private Boolean secure;

-		/**
-		 * Maximum age of the session cookie.
-		 */
 		@DurationUnit(ChronoUnit.SECONDS)
 		private Duration maxAge;

+		/**
+		 * Return the session cookie name.
+		 * @return the session cookie name
+		 */
 		public String getName() {
 			return this.name;
 		}
@@ -146,6 +132,10 @@ public class Session {
 			this.name = name;
 		}

+		/**
+		 * Return the domain for the session cookie.
+		 * @return the session cookie domain
+		 */
 		public String getDomain() {
 			return this.domain;
 		}
@@ -154,6 +144,10 @@ public class Session {
 			this.domain = domain;
 		}

+		/**
+		 * Return the path of the session cookie.
+		 * @return the session cookie path
+		 */
 		public String getPath() {
 			return this.path;
 		}
@@ -162,6 +156,10 @@ public class Session {
 			this.path = path;
 		}

+		/**
+		 * Return the comment for the session cookie.
+		 * @return the session cookie comment
+		 */
 		public String getComment() {
 			return this.comment;
 		}
@@ -170,6 +168,10 @@ public class Session {
 			this.comment = comment;
 		}

+		/**
+		 * Return whether to use "HttpOnly" cookies for session cookies.
+		 * @return {@code true} to use "HttpOnly" cookies for session cookies.
+		 */
 		public Boolean getHttpOnly() {
 			return this.httpOnly;
 		}
@@ -178,6 +180,11 @@ public class Session {
 			this.httpOnly = httpOnly;
 		}

+		/**
+		 * Return whether to always mark the session cookie as secure.
+		 * @return {@code true} to mark the session cookie as secure even if the request
+		 * that initiated the corresponding session is using plain HTTP
+		 */
 		public Boolean getSecure() {
 			return this.secure;
 		}
@@ -186,6 +193,10 @@ public class Session {
 			this.secure = secure;
 		}

+		/**
+		 * Return the maximum age of the session cookie.
+		 * @return the maximum age of the session cookie
+		 */
 		public Duration getMaxAge() {
 			return this.maxAge;
 		}