* By default all authentication events are passed onto the
audit listener
* Access denied exceptions are still not published by Spring
Security because of a bug in the Java config support
[Fixes#48155753]
* Added AuditEvent and AuditEventRepository
* Also AuditApplicationEvent and AuditListener for
handling AUditEvents as Spring ApplicationEvents
[Fixes#48155753]
* Also extracted ManagementServerProperties into a separate
bean
* TraceRepository was still causing problems during startup,
fixed that
* Allow management endpoints to be switched off with port=0
[Fixes#49046013]
* The TraceAutoConfiguration in the service project
was loading too early because it contains a BPP
* It also had a Spring Security dependency without any
@Conditional* configuration
* Fixed by nesting the BPP in a class with @Conditional*
* Added a bean post processor for the Spring Security filter chain
(so you only get traces by default if security is on)
* Every request is logged at trace level if the dump requests flag is
on
* Requests are also dumped to a TraceRepository for later analysis (very
useful for tracing problems in real time when a support call comes in)
[Fixes#48976001]
* Use file adapters in sample instead of internal flow
* Add Exception to signature of CommandLineRunner for
implementation convenience
* Updates for Security snapshots
Dave Syer