Previously, LoggingApplicationListener used %rEx as the default
exception conversion word. This would result in the nested causes
being logging in reverse order, i.e. the most deeply nested cause
would be logged first.
This commit updates the default to be %wEx and adds a test to verify
the default behaviour.
Closes gh-4247
Update TraceWebFilter to optionally trace more details from the
HttpServletRequest/HttpServletResponse. The `management.trace.include`
property can be used to change what aspects are logged.
Closes gh-3948
Spring Security 4’s default configuration will, irrespective of any
other header writers that are added, enable writers for the following
headers:
- X-Content-Type
- X-XSS-Protection
- Cache-Control
- X-Frame-Options
Previously, SecurityProperties.headers used false as the default for the
properties that enable or disable these headers but the configuration is
only applied when the properties are true. This left us with the right
default behaviour (the headers are enabled) but meant that the
properties could not be used to switch off the headers.
This commit changes the defaults for the four properties to true and
updates SpringBootWebSecurityConfiguration to only apply the
configuration when the properties are false. This leaves us with the
desired defaults while allowing users to disable one or more of the
properties by setting the relevant property to false.
Closes gh-3517
This commit adds a new property, logging.register-shutdown-hook, that
when set to true, will cause LoggingApplicationListener to register
a shutdown hook the first time it initializes a logging system. When
the JVM exits, the shutdown hook shuts down each of the supported
logging systems, ensuring that all of their appenders have been
flushed and closed.
Closes gh-4026
This commit changes the new mode-based configuration to use two new
methods – setBannerMode on SpringApplication and bannerMode on
SpringApplicationBuilder. The old methods, setShowBanner and
showBanner on SpringApplication and SpringApplicationBuilder
respectively, have been reinstated and deprecated.
Closes gh-4001
Previously `spring.velocity.charset` only controlled the output encoding
with the templates being loaded with the default encoding. We now
consistently set the same value for both the input and output encodings.
It is still possible to override it to a different value using
`spring.velocity.properties.input.encoding`
Closes gh-3994
Previously `spring.velocity.charset` only controlled the output encoding
with the templates being loaded with the default encoding. We now
consistently set the same value for both the input and output encodings.
It is still possible to override it to a different value using
`spring.velocity.properties.input.encoding`
Closes gh-3994
This commit adds two new properties, spring.devtools.remote.proxy.host
and spring.devtools.remote.proxy.port that can be used to configure
RemoteSpringApplication to connect to the remote application through
an HTTP proxy.
Closes gh-3968
In order to have more control on the structure of the configuration, we
do not bind to `RepositoryRestConfiguration` directly anymore. This
commit introduces `RepositoryProperties` instead.
See gh-3854
Closes gh-4073
Add `error.include-stacktrace` configuration option to determine when
stack trace attributes should be added. Options are `never`, `always`
or `on-trace-param`.
Prior to this commit stacktrace attributes were never includes in HTML
responses, and only included in JSON responses when a `trace` request
parameter was set to `true`. This has now been changed so that,
by default, stacktrace attributes are never included.
The BasicErrorController includes a protected method that can be
overridden if includes should be different depending on the `produces`
mapping.
Closes gh-2371
Update MetricExportAutoConfiguration to auto-configure statsd metrics
export when a `spring.metrics.export.statsd.host` property is set.
Closes gh-3719
Provide a general purpose Hazelcast integration (i.e. not tied to caching).
Auto-configure a `HazelcastInstance` either based on the presence of a
`Config` bean or a configuration file. Said configuration file can be
specified explicitly or automatically found from default locations.
The cache integration already supports Hazelcast so it has been reworked
to automatically reuse an existing `HazelcastInstance` if available.
Closes gh-2942
The default value of `spring.devtools.restart.exclude` is quite long and
any override requires to copy/paste it to add additional exclusions. To
avoid that, a new `spring.devtools.restart.additional-exclude` property
has been added.
Both properties are now used to compute the full list of exclusions that
is used by PatternClassPathRestartStrategy.
Closes gh-3774
The `spring.datasource.name` property was hidden behind the 'name'
attribute of the Tomcat connection pool (since we are mapping all
datasource implementations on the `spring.datasource` namespace.
This commit replace the injected value by hand with the use of the
regular `DataSourceProperties`. That way, we generate proper meta-data
for it as well.
Closes gh-3755
A new `spring.datasource.type` property can now be used to configure the
connection pool implementation to use (rather than only relying on Boot's
preferences).
Closes gh-3705
This commit provides a single endpoint, /actuator, that serves HTML
(the HAL browser) or JSON depending on the request’s accept header
that enables discovery of all of the actuator’s other endpoints.
When the management context path is configured, the /actuator endpoint
moves to the configured path, e.g. if the management context path is
set to /management, the actuator endpoint will be available from
/management.
Closes gh-3696
This commit adds a new property, logging.exception-conversion-word,
that can be used to configure the conversion word that is used when
logging exceptions. The default value, %rEx, will log exceptions
with the root cause first and include class packaging information in
the stack trace. The new property is supported when using either
Logback or Log4J2.
Closes gh-3684
Harmonize the configuration properties for Undertow to match the changes
made for gh-2491.
Move `spring.undertow.accessLog*` to `spring.undertow.accesslog.*`
Add `directory`, `prefix` and `suffix` properties to further customize
how access logs are configured on Tomcat. Relocate all properties to the
`server.tomcat.accesslog` namespace.
`server.tomcat.accessLogPattern` and `server.tomcat.accessLogEnabled` are
deprecated and replaced by `server.tomcat.accesslog.pattern` and
`server.tomcat.accesslog.enabled` respectively.
Closes gh-2491
Previously, only folders on the classpath would be watched and used
to trigger a restart/reload of the application. This commit adds a
new property spring.devtools.restart.additional-paths that can be
used to configure additional paths that should be watched for
changes. When a change occurs in one of those paths a restart or
reload will be triggered, depending on the full restart exclude
patterns configured via the existing spring.devtools.restart.exclude
property.
Closes gh-3469
Three conditions must be met for the console to be enabled:
- H2 is on the classpath
- The application is a web application
- spring.h2.console.enabled is set to true
If spring-boot-devtools is on the classpath, spring.h2.console.enabled
will be set to true automatically. Without the dev tools, the enabled
property will have to be set to true in application.properties.
By default, the console is available at /h2-console. This can be
configured via the spring.h2.console.path property. The value of this
property must begin with a '/'.
When Spring Security is on the classpath the console will be secured
based on the user's security.* configuration. When the console is
secured, CSRF protection is disabled and frame options is set to
SAMEORIGIN for its path. Both settings are required in order for the
console to function.
Closes gh-766
Add `spring.autoconfigure.exclude` to control the list of
auto-configuration classes to exclude via configuration. Merge the
exclusions defined on the `@EnableAutoConfiguration` or
`@SpringBooApplication` if any.
Closes gh-2435
Add a "management.health.defaults.enabled" property that controls whether
the default health indicators are enabled. This allow to disable them all
by default and still enable individual ones using their respective
specific property.
Closes gh-2298
Currently, the default TemplateResolver had no specific order. Thymeleaf
handles that with a "always first" strategy (that can be confusing if
several TemplateResolver have a "null" order.
While it is a fine default (and changing it could lead to weird side
effects), it has to be changed as soon as another TemplateResolver bean
is defined in the project.
The `spring.thymeleaf.template-resolver-order` property has been added to
control the order of the default TemplateResolver.
Closes gh-3575
Allow to disable the auto-startup flag of the default JMS and RabbitMQ
containers. This effectively permit to disable automatic listening via
configuration.
Closes gh-3587
Update Tomcat, Jetty and Undertow to serialize session data when the
application is stopped and load it again when the application restarts.
Persistent session are opt-in; either by setting `persistentSession`
on the ConfigurableEmbeddedServletContainer or by using the property
`server.session.persistent=true`.
Fixes gh-2490
Previously, the prefix was spring.embedded-mongodb. This was
inconsistent with the prefixes for Artermis and HornetQ which are
spring.artemis.embedded and spring.hornetq.embedded respectively.
See gh-2002
Embedded MongoDB is now auto-configured when it is on the classpath.
The Mongo instance will listen on the port specified by the
spring.data.mongodb.port property. If this property has a value of
zero and randomly allocated port will be used. In such an event, the
MongoClient created by MongoAutoConfiguration will be automatically
configured to use the port that was allocated.
By default, MongoDB 2.6.10 will be used. This can be configured using
the spring.embedded-mongodb.version property. Mongo's sync delay
feature is enabled by default. This can be configured using the
spring.embedded-mongobd.features property.
Closes gh-2002
This commit adds a new property, spring.jackson.time-zone, that can be
used to configure the time zone that Jackson uses when configuring
dates. It affects the serialisation of both JDK and Joda date types.
Closes gh-3505
Update AbstractLoggingSystem to pass LoggingInitializationContext to
loadDefaults() method to enable access to the environment.
DefaultLogbackConfiguration now uses this to find log pattern overrides.
Fixes gh-3367
Closes gh-3405
Add support for the following server properties which can be used to
configure the session:
server.session.tracking-modes
server.session.cookie.name
server.session.cookie.domain
server.session.cookie.path
server.session.cookie.comment
server.session.cookie.http-only
server.session.cookie.secure
server.session.cookie.max-age
In addition `server.session-timeout` is now deprecated and has been
replaced with `server.session.timeout`.
Fixes gh-3240
Unfortunately, we have no other choice to flip the ignoreUnknownFields
attribute of `SecurityProperties` has many different target are now set
for that namespace outside the class. See gh-3445 for a potential way
to improve that.
Closes gh-3327
Use AbstractTemplateViewResolverProperties as the base class for
GroovyTemplateProperties since the Spring GroovyMarkupViewResolver is
an AbstractTemplateViewResolver.
The auto-configuration for Groovy is now more aligned with the existing
Freemarker and Velocity auto-configuration, with a `resourceLoaderPath`
property being used instead of `prefix`.
Fixes gh-3365
Closes gh-3374
If a `JavaMailSenderImpl` is available, check that the underlying mail
server is available on startup. Add a `spring.mail.test-connection`
property to control this behaviour.
Closes gh-3408
This commit improves support of the Resource Handling features
introduced in Spring Framework 4.1. Those features add new ways to
resolve and transform static resources in applications.
See [this blog
post](https://spring.io/blog/2014/07/24/spring-framework-4-1-handling-static-web-resources)
for more details.
The `ResourceUrlEncodinFilter` is added for compatible template engines:
Velocity and Thymeleaf. It assists them with rewriting the URLs of
static resources when rendering templates.
New keys are added in the `ResourceProperties` in order to configure
the Resource Handling chain. `ResourceResolvers` and
`ResourceTransformers` are registered accordingly in
`WebMvcAutoConfiguration`.
Here is an example of enabling a `ContentVersionStrategy` on all
static resources, meaning their names will be changed for cache
busting purposes by adding a content hash at the end of the file name.
Like "/js/jquery.js -> /js/jquery-872ca6a9fdda9e2c1516a84cff5c3bc6.js".
```
spring.resources.chain.enabled:true
spring.resources.chain.strategy.content.enabled:true
spring.resources.chain.strategy.content.paths:/**
```
Closes gh-1604
Closes gh-3123
Update `ApplicationPidFileWriter` to support a 'fail on write error'
properties which allows the user to exit the application if the PID
file cannot be written.
This commit also deprecates `spring.pidfile` in favor of
`spring.pid.file` so that the new property can be added without overlap.
Fixes gh-2764
Migrate `spring.view.prefix` and `spring.view.suffix` to
`spring.mvc.view.prefix` and `spring.mvc.view.suffix` respectively. The
former properties are still handled in a backward compatible way and are
defined as deprecated in the meta-data.
Closes gh-3250
Add a new `spring.mvc.async.request-timeout` property which can be used
to configure AsyncSupportConfigurer.setDefaultTimeout(..).
Fixes gh-2900
Closes gh-3236
Remove `spring.cache.config` as it is too generic and does not express
enough what is configured. This property is replaced by cache library
specific properties, that is `spring.cache.ehcache.config`,
`spring.cache.hazelcast.config`, `spring.cache.infinispan.config` and
`spring.cache.jcache.config`.
See gh-2633
Allow SSL to be configured via standard configuration as well as the
requestedHeartbeat. Switch to RabbitConnectionFactoryBean.
Closes gh-2655, gh-2676
- Apply project’s code formatting and conventions
- Don’t use the IO and worker thread configuration when creating the
worker for the AccessLogReceiver. The IO and worker thread
configuration is for HTTP request processing and a worker in its
default configuration should be sufficient for the access log
receiver.
- Don’t use a temporary directory as the default for the access log
directory. A temporary directory makes (some) sense for Tomcat as it
requires a directory for its basedir. Undertow has no such
requirement and using a temporary directory makes it hard to locate
the logs. The default has been updated to a directory named logs,
created in the current working directory.
- Document the new properties in the application properties appendix
Closes gh-3014
Allow the display-name of the application to be customized when deployed
in an embedded container via the `server.display-name` property.
Closes gh-2600
This commit adds CORS support to the Actuator’s MVC endpoints. CORS
support is disabled by default and is only enabled once the
endpoints.cors.allowed-origins property has been set.
The new properties to control the endpoints’ CORS configuration are:
endpoints.cors.allow-credentials
endpoints.cors.allowed-origins
endpoints.cors.allowed-methods
endpoints.cors.allowed-headers
endpoints.cors.exposed-headers
The changes to enable Jolokia-specific CORS support (57a51ed) have been
reverted as part of this commit. This provides a consistent approach
to CORS configuration across all endpoints, rather than Jolokia using
its own configuration.
See gh-1987
Closes gh-2936
Add an entry for `flyway.*` to make it more explicit that any public
property of the auto-configured `Flyway` object can be set via the
`flyway` prefix.
Closes gh-2667
- Nest the configuration class in HealthIndicatorAutoConfiguration,
bringing it into line with the other health indicator configuration
classes
- Include the statistics from the response in the health’s details
- Map YELLOW to UP rather than UNKNOWN as it indicates that the cluster
is running but that “the primary shard is allocated but replicas are
not” [1]. The details can be used to determine the precise state of
the cluster.
- Add a property to configure the time that the health indicator will
wait to receive a response from the cluster
- Document the configuration properties
- Update the tests to cover the updated functionality
See gh-2399
[1] http://www.elastic.co/guide/en/elasticsearch/reference/1.x/cluster-health.html
This commit adds support for configuring an ObjectMapper's
serialization inclusion using the environment via the
spring.jackson.serialization-inclusion property. The property's value
should be one of the values on the JsonInclude.Include enumeration.
Relaxed binding of the property value to the enum is supported. For
example:
spring.jackson.serialization-inclusion: non_null
Closes gh-2532
Previously, only a handful of properties could be set when
auto-configuring an Elasticsearch client. This commit introduces support
for configuring arbitrary properties using the
spring.data.elasticsearch.properties prefix. For example,
client.transport.sniff can be configured using
spring.data.elasticsearch.properties.client.transport.sniff.
Closes gh-1838
Previously, a TransportClient sniff property could not be configured
while using Spring Boot’s Elasticsearch auto-configuration. This commit
adds a new property, spring.data.elasticsearch.client-transport-sniff,
that can be used to configure the TransportClient while continuing to
use the auto-configuration support.
Closes gh-1838
This commit adds support for configuring the XA DataSource and
ConnectionFactory pools created by Atomikos and Bitronix via the
environment. The property prefixes vary depending on the transaction
manager that’s in use. They are:
Bitronix:
- spring.jta.bitronix.datasource
- spring.jta.bitronix.connectionfactory
Atomikos:
- spring.jta.atomikos.datasource
- spring.jta.atomikos.connectionfactory
The configuration processor has been updated to ignore
javax.jms.XAConnectionFactory and javax.sql.XADataSource as neither of
these types can be created via property binding.
Closes gh-2027
Update HypermediaAutoConfiguration to apply the Jackson2HalModule to
the primary ObjectMapper. This restores the behavior of Spring Boot
1.1 where HATEOAS types could be serialized for both `application/json`
and `application/json+hal` content types.
A `spring.hateoas.apply-to-primary-object-mapper` property has also been
provided to opt-out if necessary.
Fixes gh-2147
Health indicator configuration keys have moved from the health.* to the
management.health.* namespace. This commit adds an explicit reference
to the previous location.
See gh-2128
Add a `spring.mvc.set-ignore-default-model-on-redirect` property to
allow RequestMappingHandlerAdapter.setIgnoreDefaultModelOnRedirect to
be easily customized and change the default value to 'true'.
Fixes gh-2018
In a properties file, a backslash is used as an escape character for
the line terminator sequence to allow values to be split across
multiple lines. When a backslash is used elsewhere they're stripped
out of the property's value.
This commit updates .properties-based examples for configuring
server.tomcat.internal-proxies to escape the backslahes so that they
are retained in the property's value at runtime.
See gh-1989
By default, when /health is accessed anonymously, the details are
stripped, i.e. the response will only indicate UP or DOWN. Furthermore
the response is cached for a configurable period to prevent a denial
of service attack.
This commit adds a configuration property,
endpoints.health.restrict-anonymous-access, that can be set to false
to allow full anonymous access to /health. When full access is
allowed, the details will be included in the response and the response
will not be cached.
Closes gh-1977
Update MongoDataAutoConfiguration to provide easier configuration of
CustomConversions, the MappingMongoConverter, MongoMappingContext
and an authentication database.
Fixes gh-1619
Fixes gh-1730
The http.mappers.* configuration properties assumed that the mapping
was JSON (on of the property names was jsonPrettyPrint) and also only
exposed a small subset of the configuration options supported by
Jackson (and GSON). The property names implied that it would configure
all HTTP mapping, however it was ignored by GsonAutoConfiguration.
This commit deprecates the support for http.mappers.* in favour of
configuring Jackson or Gson instead. Jackson can be configured
declaratively using the spring.jackson.* properties or programtically.
Gson can be configured programatically by using a GsonBuilder to
create a Gson instance with the desired configuration.
gh-1946 has been opened to add support for declarative configuration
of Gson.
Closes gh-1945
Previously, configuration of a ServletContext init parameter required
the use of a ServletContextInitializer bean. This commmit adds
support for declarative configuration via the environment using
server.context_parameters.<name>=<value>.
Closes gh-1791
Change the default value of spring.datasource.jmx-enabled to false
to prevent InstanceAlreadyExistsException problems when using the
Spring Test Framework.
Fixes gh-1590
Update the auto-configured PersistenceExceptionTranslationPostProcessor
to proxy target classes as well as interfaces. Also provide a config
property to disable registration all together.
Fixes gh-1844
Change the pidfile property from `spring.application.pidfile` to
`spring.pidfile` (to save confusion with SpringApplication properties).
Also added documentation and meta-data information.
See gh-1579
Previously, Spring Security's filter had no configured order. Due to
the use of AnnotationAwareOrderComparater this meant that its order
defaulted to LOWEST_PRECEDENCE. This meant that a user had to declare
a FilterRegistrationBean for the filter and explicitly set its order
if they want another filter to run after Spring Security's.
This commit updates the security auto-configuration to assign a
default order of zero to Spring Security's filter, allowing filters
to be easily configured to run before it or after it. This default
value can overridden using the server.filter-order property. The
default order is also exposed as a constant on SecurityProperties,
allowing it to be referenced from other filter declarations.
Closes gh-1640
Andy Wilkinson
Stephane Nicoll
Johnny Lim
zhanhb
Phillip Webb
Wallace Wadge
Dave Syer
Michael Stummvoll
Julien Dubois
Simon Buettner
Fabricio Colombo
Eddú Meléndez
Ivan Sopov
Rob Baily
Marten Deinum
Brian Clozel
Johannes Stelzer
cohee016
Tomasz Przybyła
Sebastien Deleuze
Artur Mkrtchyan
Eric Dahl
Maciej Walkowiak
kakawait
Sjoerd Mulder