root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity
35,884 Commits 23 Branches 353 Tags 292 MiB
Commit Graph

594 Commits

Author SHA1 Message Date
Madhura Bhave d9d161cd6b Allow previously authorized users to access the error page 
Prior to this commit, the `ErrorPageSecurityFilter` verified if
access to the error page was allowed by invoking the
`WebInvocationPrivilegeEvaluator` with the Authentication from the
`SecurityContextHolder`.
This meant that access to the error page was denied for a `null` Authentication
 or `AnonymousAuthenticationToken` in cases where the error page required
authenticated access. This prevented authorized users from accessing the
error page in case the Authentication wasn't retrievable for the error dispatch,
which is the case for `@Transient` authentication or stateless session policy.

This commit updates the `ErrorPageSecurityFilter` to check access to the error page
only if the error is an authn or authz error in cases where an authentication object
is not found in the SecurityContextHolder. This makes the error response consistent
when bad credentials or no credentials are used while also allowing access to previously
authorized users.

Fixes gh-28953
 2021-12-17 16:58:58 -08:00
Phillip Webb 7981a82785 Merge branch '2.7.x' 2021-12-16 13:50:15 -08:00
Phillip Webb f676602c96 Merge branch '2.5.x' into 2.6.x 2021-12-16 13:49:12 -08:00
Phillip Webb 783981ba98 Merge branch '2.4.x' into 2.5.x 2021-12-16 13:48:25 -08:00
Phillip Webb d336a96b7f Update web.xml xsd references to for 3.1 version 
See gh-29075
 2021-12-16 13:45:12 -08:00
Phillip Webb 003fb229fd Merge branch '2.7.x' 2021-12-16 13:07:22 -08:00
Phillip Webb c0023118a9 Merge branch '2.7.x' 
Closes gh-29079
 2021-12-15 22:19:36 -08:00
Phillip Webb 6e01c3edbe Merge branch '2.5.x' into 2.6.x 
Closes gh-29077
 2021-12-15 22:17:22 -08:00
Phillip Webb 17363d1b3a Merge branch '2.4.x' into 2.5.x 
Closes gh-29076
 2021-12-15 22:16:37 -08:00
Phillip Webb 1749c893dc Update web-app version to 3.1 
Update the web-app version specified in `web.xml` to 3.1 in order to
make Eclipse happy.

Closes gh-29075
 2021-12-15 22:14:52 -08:00
Andy Wilkinson 3b23c542a0 Test servlet 3.1 compatibility in deployment tests 
Closes gh-28906
 2021-12-09 12:24:43 +00:00
Andy Wilkinson fe7b13ec46 Upgrade to Spring Framework 6 and Jakarta EE 9 
Closes gh-28619
Closes gh-28620
Closes gh-28621
Closes gh-28622
Closes gh-28623
Closes gh-28624
Closes gh-28625
Closes gh-28626
Closes gh-28627
Closes gh-28628
Closes gh-28629
Closes gh-28630
Closes gh-28631
Closes gh-28632
Closes gh-28633
Closes gh-28634
Closes gh-28635
Closes gh-28636
Closes gh-28638
Closes gh-28639
Closes gh-28640
Closes gh-28644
Closes gh-28645
Closes gh-28650
Closes gh-28711
Closes gh-28866
Closes gh-28867
Closes gh-28868
Closes gh-28872

See gh-28641
See gh-28642
See gh-28643
See gh-28646
See gh-28647
See gh-28648
See gh-28649
See gh-28721
See gh-28869
See gh-28871
 2021-11-30 20:32:16 +00:00
Andy Wilkinson b6ba46942b Remove Atmosphere sample to prepare for Servlet 5 upgrade 
Closes gh-28786
 2021-11-30 15:55:49 +00:00
Andy Wilkinson c25890354b Remove Hazelcast 3 smoke test to prepare for Hazelcast 5 upgrade 
Closes gh-28827
 2021-11-30 15:55:49 +00:00
Andy Wilkinson 90e8a7da3a Remove Hibernate 5.2 smoke test to prepare for EE 9 upgrade 
Closes gh-28826
 2021-11-30 15:55:49 +00:00
Andy Wilkinson 28bce49057 Remove Jetty 10 smoke tests to prepare for Jetty 11 upgrade 
Closes gh-28825
 2021-11-30 15:55:48 +00:00
Andy Wilkinson ba19440f8c Drop support for EhCache 3 until it supports Jakarta EE 9 
Closes gh-28800
 2021-11-30 15:55:48 +00:00
Andy Wilkinson a17d6f9791 Drop support for Infinispan until it is Jakarta EE 9 compatible 
Closes gh-28799
 2021-11-30 15:55:48 +00:00
Scott Frederick 015dca1956 Remove support for Thymeleaf 
Closes gh-28611
 2021-11-30 15:55:47 +00:00
Andy Wilkinson 85f9949513 Remove support for Jolokia 
Closes gh-28704
 2021-11-30 15:55:47 +00:00
Andy Wilkinson 8bf2ffd93c Drop support for Jersey until jersey-spring6 is available 
Closes gh-28808
 2021-11-30 15:39:39 +00:00
Scott Frederick 29a21d4621 Remove support for Spring Data Couchbase and Couchbase caching 
Fixes gh-28613
 2021-11-30 15:39:28 +00:00
Andy Wilkinson 63492507b4 Remove support for Apache ActiveMQ 
Closes gh-28591
 2021-11-30 15:38:46 +00:00
Andy Wilkinson 64bf33038d Remove support for EhCache 2 
Closes gh-28588
 2021-11-30 15:38:23 +00:00
Andy Wilkinson ef02cc9bff Remove support for Atomikos 
Closes gh-28589
 2021-11-30 15:38:01 +00:00
Andy Wilkinson 900085628a Raise the minimum supported version of Java to 17 
Closes gh-28101
 2021-11-30 15:37:40 +00:00
Andy Wilkinson 814c86c5e8 Raise the minimum supported version of Gradle to 7.3 
Closes gh-28100
 2021-11-30 15:36:54 +00:00
Phillip Webb beb68671bb Update copyright year of changed files 2021-11-24 10:23:32 -08:00
Scott Frederick 4eed637481 Merge branch '2.5.x' 
Closes gh-28789
 2021-11-23 12:45:46 -06:00
Scott Frederick 12244a8edd Remove use of Thymeleaf from smoke tests 
Closes gh-28788
 2021-11-23 12:13:05 -06:00
Andy Wilkinson 015cf920da Name custom task inputs 
Closes gh-28753
 2021-11-19 15:35:39 +00:00
Phillip Webb b6d0b44703 Fix @SuppressWarnings 2021-11-18 17:26:18 -08:00
Madhura Bhave dd1d1482dc Deny unauthorized access to the error page 
Fixes gh-26356

Co-authored-by Andy Wilkinson <wilkinsona@vmware.com>
 2021-11-18 15:41:38 -08:00
Andy Wilkinson 7ed19a3b59 Merge branch '2.5.x' 
Closes gh-28735
 2021-11-18 12:21:11 +00:00
Andy Wilkinson 88457d9cfa Merge branch '2.4.x' into 2.5.x 
Closes gh-28734
 2021-11-18 12:20:50 +00:00
Andy Wilkinson 7d19ea4ca1 Limit log output produced by spring-boot-deployment-tests:intTest 
Closes gh-28730
 2021-11-18 12:18:34 +00:00
Madhura Bhave 6b79d2860f Merge branch '2.5.x' into main 
Closes gh-28724
 2021-11-17 16:41:23 -08:00
Madhura Bhave 64270eca51 Convert environment used by SpringBootTestContextLoader 
This commit aligns `SpringBootTest`s to also use `ApplicationEnvironment`
instead of `StandardEnvironment`. This prevents the side-effect of active
profiles from `@ActiveProfiles` from being added to the environment when
doGetActiveProfiles is called. In this case, calling `addActiveProfiles()`
in the environment post processor would result in `@ActiveProfiles` being
added to the environment first, resulting in the wrong order.

The additional call to `setActiveProfiles()` is also not necessary when using
ApplicationEnvironment because that call was put in place to prevent the side-effect
which `ApplicationEnvironment` does not have.

Fixes gh-28530
 2021-11-17 16:40:53 -08:00
Andy Wilkinson 2a342ef416 Merge branch '2.5.x' 
Closes gh-28662
 2021-11-12 23:40:35 +00:00
Andy Wilkinson 5e4a502b2d Merge branch '2.4.x' into 2.5.x 
Closes gh-28661
 2021-11-12 20:31:25 +00:00
Andy Wilkinson 2cec3971d7 Prohibit unwanted dependencies in all modules not just starters 
Closes gh-28658
 2021-11-12 20:04:35 +00:00
Andy Wilkinson c80283b85f Merge branch '2.5.x' 
Closes gh-28653
 2021-11-12 13:05:42 +00:00
Andy Wilkinson 92fd3b79a5 Merge branch '2.4.x' into 2.5.x 
Closes gh-28652
 2021-11-12 13:05:14 +00:00
Andy Wilkinson 08aac25c00 Limit logging produced by spring-boot-loader-tests's intTest task 
Closes gh-28651
 2021-11-12 13:04:10 +00:00
Andy Wilkinson c7a2d61aee Merge branch '2.4.x' 
Closes gh-28485
 2021-10-29 13:48:36 +01:00
Andy Wilkinson 7fe6f4887c Merge branch '2.4.x' into 2.5.x 
Closes gh-28484
 2021-10-29 13:48:23 +01:00
Andy Wilkinson 22d85e6d7b Allow tests to be run in parallel across multiple workers 
Closes gh-19876
 2021-10-29 12:48:45 +01:00
Andy Wilkinson 2541c0cbdc Disable on Windows tests that use embedded Kafka 
Closes gh-28406
 2021-10-21 10:46:50 +01:00
Madhura Bhave 42d21a8336 Remove parameterization of session smoke tests 
There are dedicated smoke tests for Hazelcast, MongoDB and Redis
that run on CI.
This commit also polishes some of the other smoke tests related to
Spring Session
 2021-10-19 16:47:53 -07:00
Madhura Bhave 2caa6cb227 Polish "Add smoke tests for Spring Session Redis/Mongo" 
See gh-28362
 2021-10-19 15:54:19 -07:00
Angel L. Villalain Garcia 9a16c246ec Add smoke tests for Spring Session Redis/Mongo 
Add smoke tests that verify the correct behavior of the sessions
endpoint when using Spring Session with MongoDB and Redis.

See gh-28362
 2021-10-19 15:53:59 -07:00
Stephane Nicoll 4ebac4cc66 Merge branch '2.5.x' 
Closes gh-28279
 2021-10-11 09:09:15 +02:00
Stephane Nicoll 0103eb123b Merge branch '2.4.x' into 2.5.x 
Closes gh-28278
 2021-10-11 09:09:08 +02:00
dreis2211 ae1167e026 Remove unused settings.xml in integration tests 
See gh-28269
 2021-10-11 09:08:29 +02:00
Madhura Bhave b350eaee8a Fix checkstyle 2021-10-06 21:36:52 -07:00
Madhura Bhave 1ff900cce8 Merge pull request #28173 from kandulsh 
* pr/28173:
  Polish "Add smoke test with Spring Session and Hazelcast"
  Add smoke test with Spring Session and Hazelcast

Closes gh-28173
 2021-10-06 16:02:24 -07:00
Madhura Bhave 8dcf3e2c70 Polish "Add smoke test with Spring Session and Hazelcast" 
See gh-28173
 2021-10-06 16:02:14 -07:00
Susmitha 70dd655b60 Add smoke test with Spring Session and Hazelcast 
See gh-28173
 2021-10-06 16:00:27 -07:00
Andy Wilkinson 0b58d4858d Merge branch '2.5.x' 
Closes gh-28200
 2021-10-05 11:13:20 +01:00
Andy Wilkinson 322615d9c5 Merge branch '2.4.x' into 2.5.x 
Closes gh-28199
 2021-10-05 11:12:48 +01:00
Andy Wilkinson 8c3820f87e Fix up-to-date checking of syncAppSource tasks 
Previously, the project version was used while filtering the apps
source during syncing but it was not considered as an input to
the task. This could result in the syncing being skipped even though
the project's version had changed.

This commit introduces a new custom task to make the configuration
more declarative and to allow the necessary input configuration to be
done in a single place.

Closes gh-28197
 2021-10-05 11:08:22 +01:00
Andy Wilkinson 29637706a9 Merge branch '2.5.x' 
Closes gh-28166
 2021-10-01 14:16:33 +01:00
Andy Wilkinson 14a57adb53 Merge branch '2.4.x' into 2.5.x 
Closes gh-28165
 2021-10-01 14:16:20 +01:00
Andy Wilkinson 35b16ea04e Minimize dependencies of launch script test app 
Closes gh-28164
 2021-10-01 14:15:52 +01:00
Phillip Webb 55a1ec72cc Update copyright year of changed files 2021-09-21 11:25:50 -07:00
Phillip Webb 4c2c4ec16c Merge branch '2.5.x' 2021-09-21 11:25:36 -07:00
Phillip Webb 5ba69634c9 Merge branch '2.4.x' into 2.5.x 2021-09-21 11:17:55 -07:00
Phillip Webb dfd36673f7 Update copyright year of changed files 2021-09-21 11:17:19 -07:00
dreis2211 cf0fcafd13 Polish 
See gh-27940
 2021-09-21 08:08:29 +02:00
Madhura Bhave 8fd9eb72d4 Allow part of a composite contributor in a health group 
Closes gh-23027

Co-authored-by: Phillip Webb <pwebb@vmware.com>
 2021-08-18 15:44:10 -07:00
Andy Wilkinson fd2fbcb3c6 Merge branch '2.5.x' 
Closes gh-27758
 2021-08-18 18:28:34 +01:00
Andy Wilkinson 6d8ba3e8b1 Merge branch '2.4.x' into 2.5.x 
Closes gh-27757
 2021-08-18 17:56:32 +01:00
Andy Wilkinson ffbd28b60a Polish "Polish access modifiers for test classes" 
See gh-27736
 2021-08-18 17:52:42 +01:00
izeye 8a425dedfd Polish access modifiers for test classes 
See gh-27736
 2021-08-18 17:38:40 +01:00
Andy Wilkinson 2dfdcf5e88 Merge branch '2.5.x' 
Closes gh-27754
 2021-08-18 13:52:23 +01:00
Andy Wilkinson 0d904b8868 Merge branch '2.4.x' into 2.5.x 
Closes gh-27753
 2021-08-18 13:51:49 +01:00
Andy Wilkinson 0b7994a679 Polish "Use 2012 for copyright beginning year" 
See gh-27734
 2021-08-18 13:48:29 +01:00
Andy Wilkinson e737388f5c Merge branch '2.5.x' 
Closes gh-27654
 2021-08-12 18:09:04 +01:00
Andy Wilkinson d6cf46acc5 Merge branch '2.4.x' into 2.5.x 
Closes gh-27653
 2021-08-12 18:08:37 +01:00
Andy Wilkinson 403dda7f0d Remove field inject and circular reference from Data Mongo smoke test 
Closes gh-27651
 2021-08-12 18:07:42 +01:00
Andy Wilkinson e265825653 Merge branch '2.5.x' 
Closes gh-27506
 2021-07-27 11:03:00 +01:00
Andy Wilkinson 08e26c97aa Merge branch '2.4.x' into 2.5.x 
Closes gh-27505
 2021-07-27 11:02:20 +01:00
Andy Wilkinson 031a036c9f Customize security filter registration in separate management context 
Fixes gh-27372
 2021-07-27 10:57:38 +01:00
Scott Frederick 32bb6f6989 Move deployment tests to system tests pipeline 
Closes gh-27499
 2021-07-26 15:29:56 -05:00
Andy Wilkinson 14db8aec95 Skip server tests on Java 16 as Gradle Plugin is not available 
See gh-27476
 2021-07-23 19:44:29 +01:00
Andy Wilkinson f830ce5e17 Merge branch '2.5.x' 2021-07-23 17:40:29 +01:00
Andy Wilkinson 27ae302905 Merge branch '2.4.x' into 2.5.x 2021-07-23 17:40:20 +01:00
Andy Wilkinson 931409cdd4 Update copyright header in changed files 2021-07-23 17:39:55 +01:00
Andy Wilkinson fc9f38351a Merge branch '2.5.x' 
Closes gh-27479
 2021-07-23 17:34:55 +01:00
Andy Wilkinson bd3aec4f80 Merge branch '2.4.x' into 2.5.x 
Closes gh-27478
 2021-07-23 17:30:27 +01:00
Andy Wilkinson d9a24f32b4 Rework spring-boot-server-tests to avoid using Maven 
Closes gh-27476
 2021-07-23 17:30:07 +01:00
Phillip Webb 7e9ac39f0d Update copyright year of changed files 2021-07-22 09:50:37 -07:00
Andy Wilkinson 37f690323f Polish 
Closes gh-27432
 2021-07-21 11:55:38 +01:00
Andy Wilkinson bb26b7bdf5 Polish 
Closes gh-27431
 2021-07-21 11:53:10 +01:00
izeye 734293d491 Polish 
See gh-27418
 2021-07-21 11:17:43 +01:00
Scott Frederick 9f001efa29 Adjust fat jar central directory to account for launch script 
An upgrade to Apache Commons Compress allows the build plugins to write
the launch script to the fat jar as a proper preamble, making the file
compatible with more jar and zip tooling.

Fixes gh-22336
 2021-07-19 15:02:42 -05:00
Andy Wilkinson 51fedd6528 Reinstate support for Hibernate < 5.5 
See gh-27352
 2021-07-19 13:52:40 +01:00
Andy Wilkinson 8259f15451 Fix deprecation warnings 
See gh-27383
 2021-07-19 11:53:58 +01:00
Andy Wilkinson 0d1d637c73 Merge branch '2.5.x' 
Closes gh-27383
 2021-07-19 11:07:58 +01:00
Andy Wilkinson c9ccfcc25f Rework Jetty10Http2OverTlsTests so they compile with Java 8 
Closes gh-27382
 2021-07-19 11:06:58 +01:00