root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Add error metadata for Security-related keys

This commit is contained in:
Stephane Nicoll 2017-09-14 15:47:20 +02:00
parent 7266c2d009
commit 033939e3c0
2 changed files with 190 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
View File

@ -889,6 +889,32 @@
"level" : "error" "level" : "error"
} }
}, },
{
"name" : "management.security.enabled",
"type" : "java.lang.Boolean",
"description" : "Enable security.",
"defaultValue" : true,
"deprecation" : {
"reason": "A global security auto-configuration is now provided. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "management.security.roles",
"type" : "java.util.List<java.lang.String>",
"description" : "Comma-separated list of roles that can access the management endpoint.",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "management.security.sessions",
"description" : "Session creating policy for security use (always, never, if_required,\n stateless).",
"defaultValue" : "stateless",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
},
{ {
"name" : "management.shell.auth.jaas.domain", "name" : "management.shell.auth.jaas.domain",
"type" : "java.lang.String", "type" : "java.lang.String",

164
spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
View File

@ -714,6 +714,170 @@
"level": "error" "level": "error"
} }
}, },
{
"name" : "security.basic.authorize-mode",
"description" : "Security authorize mode to apply.",
"defaultValue" : "role",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.basic.path",
"type" : "java.lang.String[]",
"description" : "Comma-separated list of paths to secure.",
"defaultValue" : [ "/**" ],
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.basic.realm",
"type" : "java.lang.String",
"description" : "HTTP basic realm name.",
"defaultValue" : "Spring",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.enable-csrf",
"type" : "java.lang.Boolean",
"description" : "Enable Cross Site Request Forgery support.",
"defaultValue" : false,
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.headers.cache",
"type" : "java.lang.Boolean",
"description" : "Enable cache control HTTP headers.",
"defaultValue" : true,
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.headers.content-security-policy",
"type" : "java.lang.String",
"description" : "Value for content security policy header.",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.headers.content-security-policy-mode",
"description" : "Content security policy mode.",
"defaultValue" : "default",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.headers.content-type",
"type" : "java.lang.Boolean",
"description" : "Enable \"X-Content-Type-Options\" header.",
"defaultValue" : true,
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.headers.frame",
"type" : "java.lang.Boolean",
"description" : "Enable \"X-Frame-Options\" header.",
"defaultValue" : true,
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.headers.hsts",
"description" : "HTTP Strict Transport Security (HSTS) mode (none, domain, all).",
"defaultValue" : "all",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.headers.xss",
"type" : "java.lang.Boolean",
"description" : "Enable cross site scripting (XSS) protection.",
"defaultValue" : true,
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.ignored",
"type" : "java.util.List<java.lang.String>",
"description" : "Comma-separated list of paths to exclude from the default secured paths.",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.oauth2.resource.filter-order",
"type" : "java.lang.Integer",
"description" : "The order of the filter chain used to authenticate tokens. Default puts it after\n the actuator endpoints and before the default HTTP basic filter chain (catchall).",
"defaultValue" : 0,
"deprecation" : {
"reason": "The security auto-configuration does no longer provide several security configurations. Their ordering is now explicit in your own security configuration.",
"level" : "error"
}
}, {
"name" : "security.oauth2.sso.filter-order",
"type" : "java.lang.Integer",
"description" : "Filter order to apply if not providing an explicit WebSecurityConfigurerAdapter (in\n which case the order can be provided there instead).",
"deprecation" : {
"reason": "The security auto-configuration does no longer provide several security configurations. Their ordering is now explicit in your own security configuration.",
"level" : "error"
}
}, {
"name" : "security.require-ssl",
"type" : "java.lang.Boolean",
"description" : "Enable secure channel for all requests.",
"defaultValue" : false,
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.sessions",
"type" : "org.springframework.security.config.http.SessionCreationPolicy",
"description" : "Session creation policy (always, never, if_required, stateless).",
"defaultValue" : "stateless",
"deprecation" : {
"reason": "The security auto-configuration is no longer customizable. Provide your own WebSecurityConfigurer bean instead.",
"level" : "error"
}
}, {
"name" : "security.user.name",
"type" : "java.lang.String",
"description" : "Default user name.",
"defaultValue" : "user",
"deprecation" : {
"reason": "The default user is no longer customizable. You can, for instance, define a bean of type UserDetailsService.",
"level" : "error"
}
}, {
"name" : "security.user.password",
"type" : "java.lang.String",
"description" : "Password for the default user name.",
"deprecation" : {
"reason": "The default user is no longer customizable. You can, for instance, define a bean of type UserDetailsService.",
"level" : "error"
}
}, {
"name" : "security.user.role",
"type" : "java.util.List<java.lang.String>",
"description" : "Granted roles for the default user name.",
"deprecation" : {
"reason": "The default user is no longer customizable. You can, for instance, define a bean of type UserDetailsService.",
"level" : "error"
}
},
{ {
"name": "server.context-parameters", "name": "server.context-parameters",
"type": "java.util.Map<java.lang.String,java.lang.String>", "type": "java.util.Map<java.lang.String,java.lang.String>",