Previously, the documentation did not provide any guidance on using
Jersey alongside Spring MVC or any other web framework.
This improves the documentation in two ways:
1. It notes that, in the presence of both Jersey and Spring MVC, the
Actuator will prefer Spring MVC for exposing HTTP endpoints.
2. It adds a how-to describing how to configure Jersey to forward
requests for which it has no handler on to the rest of the filter
chain. When Spring MVC is the other framework, this allows them to
be handled by its dispatcher servlet.
Closes gh-17523
This commit is a continuation of the work done in 987a5f81. In
addition to developers and licenses that are covered in the earlier
commit, a number of other settings are still inherited from the
starter parent. This commit updates the documentation to show them
being overridden as well.
Closes gh-18532
Previously, @EndpointFilter would only have an effect when used as
an annotation or meta-annotation on the endpoint class itself. It
would have no effect when used on a super-class of the endpoint
bean's class.
This commit updates EndpointDiscoverer so that an @EndpointFilter
annotation or meta-annotation on a super-class will be found and
applied to the discovery process. This is achieved by using find…
rather than get… when retrieving the attributes for the EndpointFilter
annotation.
Fixes gh-17866
Previously, AbstractDependsOnBeanFactoryPostProcessor was unordered
which meant that it was impossible to guarantee that another bean
factory post-processor would run after it. This prevented overriding
of the dependsOn relationships that is creates.
This commit updates AbstractDependsOnBeanFactoryPostProcessor to give
it a default order of zero. This will allow additional bean factory
post-processors to be configured with a lower precedence order (values
greater than 0) so that they run after any
AbstractDependsOnBeanFactoryPostProcessor and can override the
dependencies that it has configured.
Fixes gh-18362
Publishing to Maven Central requires spring-boot-starter-parent to
declare its license and developers. When a user then uses
spring-boot-starter-parent as their project's parent, these values
are inherited and this is almost certainly unwanted.
This commit updates the documentation to recommend and demonstrate
overriding the license and developers that are inherited from the
starter parent.
Closes gh-18532
Previously, the security risks and our recommendations on how to
mitigate them were not documented as clearly as they could have been.
This commit makes some changes to try to address this:
1. The security risk is now noted at the beginning of the section
2. The recommendation to use SSL is now documented more prominently
and an alternative recommendation to only use remote support on
a trusted network has been added.
3. The example secret has been removed to prevent copy and paste
4. A recommendation to use a secret that is unique and strong has been
added
Closes gh-18825
Previously, if a bean definition had no resource description, the
failure analysis description would state that the been had been
defined in null which was of no use to the user.
This commit updates the failure analysis to omit information about
where the bean was definied when the definition has no resource
description.
Fixes gh-18721
Rename `max-http-post-size` to `max-http-form-post-size` for Jetty and
Tomcat to make it clearer that they only apply to POSTed form content.
See gh-18566
Prior to this commit, all supported servers would share the same
configuration property `server.connection-timeout`. Unfortunately, in
many cases the behavior of this timeout changes depending on the server.
From actual connection setup timeout, to detecting and closing idle
connections, this property cannot be properly translated from one server
implementation to another.
This commit deprecates this configuration property and introduces server
specific properties:
* `server.jetty.connection-idle-timeout`
(Time that the connection can be idle before it is closed.)
* `server.netty.connection-timeout`
(Connection timeout of the Netty channel.)
* `server.tomcat.connection-timeout`
(Amount of time the connector will wait, after accepting a connection,
for the request URI line to be presented.)
* `server.undertow.no-request-timeout`
(Amount of time a connection can sit idle without processing a request,
before it is closed by the server.)
`server.connection-timeout` is now deprecated and will be removed in a
future release.
Fixes gh-18473
This commit adds a note to spring-boot-features.adoc to clarify that
using javadoc tags to format configuration property descriptions is not
supported.
See gh-18578
Previously, Maven's default behaviour was relied up which resulted
in the artifact ID being appended to each URL as it was inherited.
This behaviour can only be disabled in Maven 3.6 and later, a version
that we cannot use due to an incompatibility with the Flatten Plugin.
This commit works around Maven's default behaviour by defining
properties for the SCM URL, connection, and developer connection and
then explicitly defining the settings in each pom using these
properties. The explicit definition of the properties in each pom
prevents them being inherited from the parent, thereby disabling the
unwanted appending of the artifact ID to the URL.
Fixes gh-18328
Update `JerseyManagementContextConfiguration` so that customizer beans
are not longer applied. The endpoint resource endpoints are now added
with a registrar bean `@PostConstruct` method.
Prior to this commit, when running the management server on a different
port a `Resource` added by a customizer could be added two different
`ResourceConfig` instance. This breaks the singleton contract expected
by Jersey.
Fixes gh-17801
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
Extract reactor specific code to an inner class to protect
against ClassNotFound exceptions if reactor is not in use.
Also add support for `Flux`.
See gh-18339
Update `CachingOperationInvoker` so that TTL caching is applied directly
to reactive types. Prior to this commit, a `Mono` would be cached, but
the values that it emitted would not.
See gh-18339
Andy Wilkinson
Stephane Nicoll
Mark Pollack
Jens Teglhus Møller
dreis2211
wwjay9
Madhura Bhave
nkjackzhang
Rafiullah Hamedy
Phillip Webb
wycm
xiaokeliu666
Brian Clozel
contextshuffling
leoli
Ted M. Young
Johnny Lim
Tadaya Tsuyukubo