There is a direct link between the sslEnabled flag and the default port
that should be used by an address. The checks are currently set in two
places:
* Determine which port should be used
* Determine if SSL should be enabled
This commit polishes the initial proposal so that secureConnection is
only set if a protocol is available.
See gh-19109
Previously, AbstractDependsOnBeanFactoryPostProcessor was unordered
which meant that it was impossible to guarantee that another bean
factory post-processor would run after it. This prevented overriding
of the dependsOn relationships that is creates.
This commit updates AbstractDependsOnBeanFactoryPostProcessor to give
it a default order of zero. This will allow additional bean factory
post-processors to be configured with a lower precedence order (values
greater than 0) so that they run after any
AbstractDependsOnBeanFactoryPostProcessor and can override the
dependencies that it has configured.
Fixes gh-18362
Rename `max-http-post-size` to `max-http-form-post-size` for Jetty and
Tomcat to make it clearer that they only apply to POSTed form content.
See gh-18566
Prior to this commit, all supported servers would share the same
configuration property `server.connection-timeout`. Unfortunately, in
many cases the behavior of this timeout changes depending on the server.
From actual connection setup timeout, to detecting and closing idle
connections, this property cannot be properly translated from one server
implementation to another.
This commit deprecates this configuration property and introduces server
specific properties:
* `server.jetty.connection-idle-timeout`
(Time that the connection can be idle before it is closed.)
* `server.netty.connection-timeout`
(Connection timeout of the Netty channel.)
* `server.tomcat.connection-timeout`
(Amount of time the connector will wait, after accepting a connection,
for the request URI line to be presented.)
* `server.undertow.no-request-timeout`
(Amount of time a connection can sit idle without processing a request,
before it is closed by the server.)
`server.connection-timeout` is now deprecated and will be removed in a
future release.
Fixes gh-18473
Previously, Maven's default behaviour was relied up which resulted
in the artifact ID being appended to each URL as it was inherited.
This behaviour can only be disabled in Maven 3.6 and later, a version
that we cannot use due to an incompatibility with the Flatten Plugin.
This commit works around Maven's default behaviour by defining
properties for the SCM URL, connection, and developer connection and
then explicitly defining the settings in each pom using these
properties. The explicit definition of the properties in each pom
prevents them being inherited from the parent, thereby disabling the
unwanted appending of the artifact ID to the URL.
Fixes gh-18328
Update `DataSourceInitializedPublisher` to fallback to the
`LocalContainerEntityManagerFactoryBean` if the
`javax.persistence.nonJtaDataSource` property is not defined.
As of Hibernate 4.3 the property is no longer set if the `EntityManager`
is created from a `PersistenceUnitInfo` instance rather than actual
properties.
Although this is being addressed in Hibernate issue HHH-13432, it's
not strictly a requirement of the JPA spec that the property is set.
Fixes gh-17061
This will ensure that ReactiveManagementWebSecurityAutoConfiguration backs
off and that the actuator endpoints are also secured via OAuth2.
Fixes gh-17949
Previously, a number of usages of @ConditionalOnMissingBean prevented
a bean that implements an auto-configured bean's "main" interface from
causing the auto-configuration of the bean to back off. This would
happen when @ConditionalOnMissingBean did not specify a type, the
@Bean method returned the bean's concrete type, and that concreate
type implements a "main" interface.
This commit updates such usages of @ConditionalOnMissingBean to
specify the "main" interface as the type of the bean that must be
missing. This will allow, for example, the auto-configured
MongoTemplate bean to back off when a MongoOperations bean is defined.
Fixes gh-18101
Update the javadoc to note that `scanBasePackages` only affects the
`@ComponentScan` annotation and isn't a replacement for `@EntityScan`
or `@Enable...Repositories`.
Closes gh-18109
Previously, a custom FlywayMigrationInitializer bean named anything
other than flywayInitializer could result in a
NoSucBeanDefinitionException as the dependencies set up for JPA and
JDBC components used the bean name flywayInitializer.
This commit updates the configuration of the dependencies to depend
on FlywayMigrationInitializer beans by type rather than name.
Fixes gh-18105
Previously, a custom Flyway bean named anything other than flyway
could result in a NoSucBeanDefinitionException as the dependencies
set up for JPA and JDBC components used the bean name flyway.
This commit updates the configuration of the dependencies to depend
on Flyway beans by name rather than type.
Fixes gh-18102
Fix caching issues in `ApplicationContextRequestMatcher` and allow
subclasses to ignore an application context entirely. Update existing
matcher implementations so that they deal with the management context
correctly.
Prior to this commit, the `ApplicationContextRequestMatcher` would
return a context cached from the first request. It also didn't
provide any way to ignore a context. This meant that if the user was
running the management server on a different port the matching results
could be inconsistent depending on if the first request arrived on
the regular context or the management context. It also meant that we
could not distinguish between the regular context and the management
context when matching.
Closes gh-18012
This commit also changes the request matcher for MVC
endpoints to use an AntPathRequestMatcher instead of an
MvcRequestMatcher. The endpoint is always available
under the mapped endpoint path and this way the same matcher
can be used for both MVC and Jersey.
Fixes gh-17912
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
The userDn and password in LdapContextSource are not nullable. The
default values for userDn and password in LdapProperties are null. When
the values are set to null there will eventually be a
NullPointerException during
AbstractContextSource#setupAuthenticatedEnvironment since HashTable
doesn't allow null for values.
See gh-17861
Missing change logs would lead to an exception even
if the checkChangeLogLocation was set to false. Spring Boot's check
would pass but Liquibase would fail later making this property redundant.
Fixes gh-16232
This commit separates the auto-configuration of the `SessionFactory` in
an isolated class so that the rest of the auto-configuration is still
applied if the user provides a custom `SessionFactory` bean.
See gh-17662
