This commit makes sure that customizations on the
SessionRepositoryFilter are also applied when the user provides its
own SessionRepository.
Closes gh-10254
Previously, if a user's configuration class provided a custom
Validator bean, that configuration class would be initialized very
early so that the Validator could be used to create the
auto-configured MethodValidationPostProcessor. This early
initialization could problems as it may prevent any of the
configuration class's dependencies from being post-processed.
This commit updates the injection of the Validator bean to be lazy,
thereby preventing the creation of the auto-configured
MethodValidationPostProcessor from triggering early initialization.
Closes gh-9416
This commit adds new Conditional annotations on auto-configurations
creating the Servlet/Reactive web servers. These conditions only depend
on request primitives used by the servers themselves and aren't
framework specific.
Closes gh-10163
Previously, AutoConfigureOrder defaulted to Ordered.LOWEST_PRECEDENCE.
This made is impossible for an individual auto-configuration to
indicate that it wanted to go "last", i.e. after any
auto-configuration classes that didn't not specify an order, or
specified an order other than LOWEST_PRECEDENCE.
This commit changes to default to 0, allowing a single
auto-configuration to easily indicate that it should go last.
Closes gh-10142
This commit adds a strategy interface to specific if a given DataSource
has its schema managed. The Hibernate auto-configuration uses it to set
it to "none" if a mechanism to initialize the DataSource is
found and "create-drop" otherwise.
Both Flyway and Liquibase implements that strategy interface and
register it in the context accordingly.
Closes gh-9262
Since the autoconfig totally backs off in the presence
of a WebSecurityConfigurerAdapter, there is no need to
order them ahead of/after the one provided by Spring Boot.
See gh-7958
This commit combines security autoconfigurations for
management endpoints and the rest of the application. By default,
if Spring Security is on the classpath, it turns on @EnableWebSecurity.
In the presence of another WebSecurityConfigurerAdapter this backs off
completely. A default AuthenticationManager is also provided with a user
and generated password. This can be turned off by specifying a bean of
type AuthenticationManager, AuthenticationProvider or UserDetailsService.
Closes gh-7958
This commit creates our own version of javax.servlet.DispatcherType for
configuration purpose as we can use the other one now the servlet api
is optional.
Closes gh-9856
This commit updates database initializers configuration to enable them
automatically only when an embedded `DataSource` is used. Related
configuration properties have been updated to use a more expressive
`DatabaseInitializerMode` enum rather than `Boolean` flag.
See gh-9752
Phillip Webb
Stephane Nicoll
Andy Wilkinson
Johnny Lim
Brian Clozel
Madhura Bhave
Paul Vorbach
Vedran Pavic