Closes gh-3534

Create a new project sample that demonstrate the usage of
@ConfigurationProperties with configurationPropertiesValidator.

Fixes gh-3513

Previously, a customer was set regardless of the fact that it is
supported on the target bean. DataBinder has an actual assertion check
that would fail in such a case.

We now associate the custom validator only if it supports the target
bean.

Fixes gh-3581

The default values of fields in @ConfigurationProperties classes are,
where possible, included in the configuration metadata. The default
values for the HAL and Links endpoints vary depending on other
configuration settings. As a result, including a default in the
metadata is misleading.

This commit removes the default assignment of "" to the path fields so
that no default value will be included in the metadata.

Closes gh-3567

Previously getLoggerConfig(loggerName) was used to retrieve the
LoggerConfig object on which the level was to be set. As described in the
method’s javadoc it will “remove tokens from the package name as
necessary or return the root LoggerConfig if no other matches were found”.
This is problematic as, if there’s no configuration for the logger whose
level is being configured, the level will be applied to a logger from an
outer package or to the root logger.

This commit updates Log4J2LoggingSystem to use the configuration’s map of
LoggerConfigs, rather than calling getLoggerConfig. In the event of the
level being set on an unconfigured logger, this will produce a null
LoggerConfig. When a null LoggerConfig is encountered, a new one is
created with the appropriate level. If the config already exists, its
level is set as it was before.

The code that was accessing the root logger using a magic null value
(which was then coerced into the root logger’s name (an empty string))
has also been updated to make it clearer that they are purposefully
dealing with the root logger.

Closes gh-3550

It has to come after MongoDataAutoConfiguration (not
MongoAutoConfiguration) because it looks for beans that are defined
there (e.g. MongoMappingContext which is the one that scans for entities).

Fixes gh-3577

86732509 updated the plugin so that the application plugin is no longer
applied by default. This exposed three problems:

 1. bootRepackage may run before findMainClass has run, leaving it with
    an unknown main class.
 2. findMainClass may run before the classes have been built, making it
    unable to find the main class by examining the class files
 3. The project's mainClassName property was still being used as a
    convention for the bootRun task's main property. If the application
    plugin has not be applied, then this property does not exist.

The first problem has been addressed by configuring bootRepackage to
depend on findMainClass.

The second problem has been addressed by configuring the main source
set's output as an input of findMainClass, and configuring findMainClass
to depend on the tasks that build the output.

The third problem has been addressed by only using the mainClassName
property if it exists and its value is not null. We then fallback to
using the mainClassName property on the project's extra properties in
the same way. 

See gh-2679

Previously, the Spring Boot Gradle plugin would always apply the
application plugin to a project. It then piggy-backed on the application
plugin’s mainClassName and applicationDefaultJvmArgs properties for the
configuration of the bootRun task.

This commit updates the Spring Boot Gradle plugin so that it no longer
applies the application plugin. If the user applies the application
plugin then its configuration will be used, but it’s a no longer
requirement.

Users who do not need the application plugin, but who were using the
mainClassName or applicationDefaultJvmArgs properties will need to
change their builds as a result of this change as those properties will
no longer exist. As before, the mainClassName can be configured on the
springBoot extension:

springBoot {
	mainClassName 'com.example.YourApplication'
}

The applicationDefaultJvmArgs property can be used, but it must now be
declared with the project's ext block. For example:

ext {
	applicationDefaultJvmArgs = [ '-Dcom.example.property=true' ]
}

Closes gh-2679

Typically, a Spring Boot maintenance release would not move to a new
minor version of a dependency. However there is a security
vulnerability in Groovy [1] and 2.4.4 is the only release which
contains a fix for it.

The commit upgrades to 2.4.4, thereby ensuring that users of Groovy
are not vulnerable by default. Users of Groovy whose applications are
not affected by the vulnerability may choose to downgrade back to
2.3.11 by overriding Spring Boot's dependency management.

Closes gh-3540

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3253

With this change a user can have `@EnableOAuth2Client` without
`@EnableOAuth2Sso`.

Fixes gh-3568

* pr/3561:
  Polish docs

Closes gh-3561

Also copies the ExpressionParser (the only public getter), trust
resolver and permission evaluator (if available in the context). Changes
the logic to not replace an existing OAuth2MethodSecurityExpressionHandler
so that users can override simply by providing a bean of that type.

Fixes gh-3542

Various areas of the code expect the management's context path to not
contain any trailing slash but nothing is enforcing it. We now make sure
to remove any trailing slash, including the one for '/' and make that
explicit via the Javadoc of the getter.

Fixes gh-3553

Use canonical version for the management's context path.

Closes gh-3546, closes gh-3547

* pr/3545:
  Polish JsonParserFactory javadoc

Closes gh-3545

Restore the deprecated method to give people a change to migrate. The
@DeprecatedConfigurationProperties annotation is now used to generate
the deprecated meta-data, removing the need for manual meta-data.

Closes gh-3537

Add a new @DeprecatedConfigurationProperties annotation which can be
used by the `ConfigurationMetadataAnnotationProcessor` to generating
meta-data deprecated blocks.

Fixes gh-3543

Closes gh-3537

* pr/3531:
  Fix typos

Closes gh-3531

Add missing default value

Set `server.session.persistent=true` when running DevTools to ensure
persistent sessions are used.

Fixes gh-3530

Update Tomcat, Jetty and Undertow to serialize session data when the
application is stopped and load it again when the application restarts.

Persistent session are opt-in; either by setting `persistentSession`
on the ConfigurableEmbeddedServletContainer or by using the property
`server.session.persistent=true`.

Fixes gh-2490