Previously, Quartz could be configured with a specific DataSource
using `@QuartzDataSource` but it was not possible to configure a
Quartz-specific transaction manager. This could result in the
different DataSources being used by Quartz itself and Quart'z
DataSourceTransactionManager.
This commit introduces a new qualifier, `@QuartzTransactionManager`,
that can be used to avoid the above-described problem. Any
`@QuartzTransactionManager`-annotated bean will be used by the
Quartz auto-configure configuration instead of the application's main
`TransactionManager`. If no such qualified bean is present, the
application's main TransactionManager, if any, will be used as before.
Fixes gh-20184
When running on Java 11 (where `@PostConstruct` is no longer part of
the JRE) and without a dependency on jakarta-annotation-api,
`@PostContruct` annotions are silently dropped. This leads to obscure and
hard-to-track down changes in the behaviour of our auto-configuration
as the `@PostConstruct`-annotated methods are not invoked.
To allow users to run on Java 11 without having jakarta-annotation-api
on the classpath, this commit removes use of `@PostConstruct` from main
code. A Checkstyle rule has also been added to prevent its usage in
main code from being reintroduced.
Closes gh-23723
Exclude `@ConfigurationProperties` beans from method validation so
that `@Validated` can be used on final classes without the method
validation post-processor throwing an exception.
This commit introduces a `FilteredMethodValidationPostProcessor` class
which will use `MethodValidationExcludeFilters` to exclude beans from
method validation processing. Using `@EnableConfigurationProperties`
will automatically register an appropriate filter.
Closes gh-21454
Previously, the locale context resolver used with WebFlux could only be
configured by provided a custom LocaleContextResolver bean. By
constrast, when using Spring MVC, the spring.mvc.locale and
spring.mvc.locale-resolver properties could be used to configure the
locale and the resolver (fixed or Accept header) respectively.
This commit introduces spring.web.locale and spring.web.locale-resolver
properties and deprecates their spring.mvc equivalents. The new
properties can be used to configure locale resolution with either
Spring MVC or WebFlux.
Closes gh-23449
Add a dedicate condition annotation to detect when Spring Security is
available but has not been configured by the user. The new annotation
helps simplify quite a few of our auto-configuration classes.
See gh-23421
Replace `WebSecurityConfigurer` and `WebSecurityConfigurerAdapter`
configurations with `WebSecurityCustomizer` or `SecurityFilterChain`
beans.
Closes gh-23421
Previously, @WebListeners were discovered via custom component scanning
and then registered programmatically via the ServletContext. The servlet
spec requires any ServletContextListener registered in this manner to be
prohibited from programatically configuring servlets, filters, and
listeners. This left us not strictly complying with the servlet spec
as a ServletContextListener registered via a @WebListener annotation
should be able to programatically configure other components.
This commit updates WebListenerHandler to register each @WebListener
component directly with Jetty, Tomcat, or Undertow rather than via the
ServletContext API. This ensure that any @WebListener-annoated
ServletContextListener registered via servlet component scanning is
able to programatically register servlets, filters, and listeners.
There is a small chance that this will be a breaking change for some
users:
1. The ServletListenerRegistrationBeans that were previously defined
for each @WebListener will now be
WebListenerHandler.WebListenerRegistrars
2. Each @WebListener-annotated class will now be instantiated by
Jetty, Tomcat, or Undertow. Jetty and Tomcat both require the class
to be public and have a public default constructor. Previously,
a package-private class or default constructor could be used as the
instantiation was performed by Spring Framework. Undertow is not
affected as it can instantiate a package-private type.
Fixes gh-18303
This commit fixes the auto-configuration of Spring Session to use
"server.servlet.session.timeout" as a fallback for Servlet-based web
applications only.
Closes gh-23752
Prior to this commit, the `StaticResourceLocation` for favicons would
point to `"/**/favicon.ico"`. This location does not reflect the current
web development landscape, since the png format and size variants are
not supported here. Also, the `"**"` pattern can be costly at runtime
and is deprecated by the new path pattern support in Spring Framework
(see gh-22833).
This commit changes the default locations to `"/favicon.*","/*/icon-*"`,
supporting common use cases such as `"/favicon.ico"`, `"/favicon.png"`
and `"/icons/icon-48x48.png"`.
Closes gh-23126
