* pr/4328:
  Polish docs

Closes gh-4328

Closes gh-4287

For some reason, Cargo fails when the Tomcat deployment tests are run
after the TomEE deployment tests. It complains that it can’t find one
of its own classes. This commit changes the order so that the TomEE
tests run before the Tomcat tests.

\_(ツ)_/¯

Previously, LoggingApplicationListener used %rEx as the default
exception conversion word. This would result in the nested causes
being logging in reverse order, i.e. the most deeply nested cause
would be logged first.

This commit updates the default to be %wEx and adds a test to verify
the default behaviour.

Closes gh-4247

Closes gh-4296

FacesListener in Mojarra 2.2.12 (used in Glassfish 4.1.1) is a
ServletContainerInitializer that’s annotated to handle types annotated
with javax.annotation.Resource.
OAuth2RestOperationsConfiguration.SessionScopedConfiguration is one such
class. This leads to com.sun.faces.config.DelegatingAnnotationProvider
calling getAnnotations on SessionScopedConfiguration.class. This fails
with a java.lang.ArrayStoreException due to SessionScopedConfiguration
being annotated with @ConditionalOnBean(OAuth2ClientConfiguration) and
OAuth2ClientConfiguration not being on the classpath.
DelegatingAnnotationProvider currently catches NoClassDefFoundErrors
thrown during its annotation processing. It needs to be made more
robust so that it also copes with an ArrayStoreException, in a similar
way to how org.glassfish.apf.impl.AnnotationProcessorImpl was updated to
fix GLASSFISH-21265 [1]. I’ve opened an issue to this effect [2].

In the meantime, we can work around the brittleness in
DelegatingAnnotationProvider by restructuring
SessionScopedConfiguration. This commit moves the use of @Resource into
a nested inner class, ClientContextConfiguration, while leaving the use
of @ConditionalOnBean on SessionScopedConfiguration. This means that it
is now ClientContextConfiguration that is passed to FacesListener and
processed by DelegatingAnnotationProcessor, thereby avoiding exposing
it to the @ConditionalOnBean annotation that it does not handle
gracefully. A Glassfish-based deployment test has also been added to
verify the fix.

Closes gh-2079
Closes gh-4321

[1] https://java.net/jira/browse/GLASSFISH-21265
[2] https://java.net/jira/browse/JAVASERVERFACES-4076

Closes gh-4260

Closes gh-1248

Previously, if getValidDocumentRoot() returned null, only the embedded
Tomcat container would use a temporary directory. This left Jetty and
Undertow unable to provide a URL for the root of the servlet context,
i.e. servletContext.getResource("/") would return null.

This commit updates the embedded containers for Jetty and Undertow to
behave in the same way as Tomcat. A test has been added to verify that
all three containers can produce a non-null URL for the root of the
servlet context.

Closes gh-2878

Closes gh-4294
Closes gh-4271

Closes gh-4304

Closes gh-4314

Previously, OrderedRequestContextFilter was ordered such that it
ran after Spring Security's Filter. This meant that the request
context was unavailable to any Filters in Spring Security's Filter
chain. Specifically, this caused a failure when using @EnableOAuth2Sso
as OAuth2ClientAuthenticationProcessingFilter, which is added to
Spring Security's Filter chain would be unable to use the
request-scoped bean upon which it depends.

This commit updates the order of OrderedRequestContextFilter so that
the request context is set up before Spring Security's Filter runs.
The tests for SampleGitHubApplication have been updated to use
TestRestTemplate rather than MockMvc. This is necessary as the latter,
via ServletTestExecutionListener, automatically populates the request
context holder, masking the fact that the request context filter was
setting it up too late.

Closes gh-4270

Closes gh-3010

Closes gh-3864

If a filter is registered in `web.xml` with no `dispatcher` element, the
spec states that it should have the `REQUEST` dispatcher type only.

As we are adding more dispatcher types by default, it can be surprising
for users migrating from a `web.xml` based  web app. The documentation
has now an explicit note about this.

Closes gh-2689

Closes gh-4311

Better describe what Spring Boot offers with regards to dependency
management and how it translates in Maven and Gradle.

Closes gh-2580
Closes gh-3695

* pr/4309:
  Polish contribution
  Polish docs

I don't think we want to keep this on a single line.

Closes gh-4309

See gh-4309

Closes gh-4159

Closes gh-3438

Closes gh-4153

Closes gh-4293

Previously, NamePatternFilter looked for “*”, “$”, “^”, or “+” when
trying to identify a string as being a regular expression. This meant
that it missed the use of a character class ([a-z], for example). This
commit adds “[“} to the list of characters that are considered to be
part of a regular expression.

Closes gh-4233

Closes gh-4193

See gh-4263

Closes gh-4263