Previously, when a Servlet-based WebServer was stopped it would also
stop the ServletContext. This led to problems as Tomcat and Undertow
would then not allow a restart. Jetty would allow a restart but
duplicate servlet registrations would then be attempted.
This commit modifies the WebServer lifecycle to separate stopping
and destruction for both servlet and reactive web servers. This
allows a WebServer's stop() implementation to leave some components
running so that they can be restarted. To completely shut down a
WebServer destroy() must now be called.
Both Tomcat and Jetty WebServers have been updated to stop their
network connections when stop() is called but leave other components
running. This works with both servlet and reactive web servers.
Note that an Undertow-based Servlet web server does not support
stop and restart. Once stopped, a Servlet Deployment cannot be
restarted and it does not appear to be possible to separate the
lifecycle of its network connections and a Servlet deployment.
Reactor Netty and Undertow-based reactive web servers can now also
be stopped and then restarted. Calling stop() stops the whole server
but this does not cause a problem as there's no (application-exposed)
ServletContext involved. There may be room to optimize this in the
future if the need arises.
Closes gh-34955
Update Logback and Log4J2 so that they include the application name on
each log line. If `spring.application.name` had not been set, or if
`logging.include-application-name` is `false` then the name is not
logged.
Closes gh-35593
Add support for logging correlation IDs with Logback or Log4J2 whenever
Micrometer tracing is being used.
The `LoggingSystemProperties` class now accepts a defualt value resolver
which will be used whenever a value isn't in the environment. The
`AbstractLoggingSystem` provides a resolver that supports the
`logging.pattern.correlation` property and will return a value whenever
`LoggingSystem.EXPECT_CORRELATION_ID_PROPERTY` is set.
Using `LoggingSystem.EXPECT_CORRELATION_ID_PROPERTY` allows us to
provide a consistent width for the correlation ID, even when it's
missing from the MDC.
The exact correlation pattern returned will depend on the `LoggingSytem`
implementation. Currently Logback and Log4J2 are supported and both
make use of a custom converter which delegates to a new
`CorrelationIdFormatter` class.
Closes gh-33280
Previously, when using SpringApplication.from() any additional
sources configured using with() would be applied to every
SpringApplication that was created within the scope of the call to
run(). This caused problems with Spring Cloud's bootstrap context
where the additional sources would be applied to both the user's
application and to the boostrap context's application.
This commit updates the hook that's used to apply the additional
sources so that it's only applied once. This results in the
additional sources only being added to the first SpringApplication
that is run.
Closes gh-35873
Support custom Log4J2 log levels by changing `LoggerConfiguration` so
that it can now report levels using a `LevelConfiguration` object
rather than the limited `LogLevel` enum.
The `Log4J2LoggingSystem` class now uses `LevelConfiguration.ofCustom`
for custom logging levels, rather than throwing an exception.
The `LoggersEndpoint` has also been updated so that it can return the
custom logger name.
Fixes gh-35227
Properties `ssl.bundle.pem.mybundle.keystore.private-key-password`
and `ssl.bundle.pem.mybundle.truststore.private-key-password` have
been added for configuring the password required to decrypt an
encrypted private key.
Only PKCS8 private keys with encryption are supported. PKCS1 and EC
private keys with encryption are much more complex to decrypt, and
are not supported.
Fixes gh-35652
Update `SpringApplicationExtensions.kt` with `fromApplication` and
`with` functions that make `SpringApplication.from(...)` easier to use
with Kotlin.
Fixes gh-35756
Previously, if a `@ConfigurationProperties`-annotated `@Bean` method
returned a type that looked like it could be constructor bound, the
registered runtime hints were incorrect. With only the bean's class
to work with, the hints registrar would incorrectly determine that
the type would be constructor bound and would not register the hints
required for Java bean binding.
This commit updates the registrar to allow the caller to provide a
Bindable which knows both what should be bound and how it should be
bound, thereby allowing the registrar to generate the correct hints.
The tests for the AOT processor have also been updated to remove
duplication of the tests in BindableRuntimeHintsRegistrarTests and
to focus on the contribution creating Bindable instances with the
bind method that is required to produce the correct reflection hints.
Closes gh-35564
Co-authored-by: Phillip Webb <pwebb@vmware.com>
There were several tests in CPBFIAPT that were duplicating tests in
BindableRuntimeHintsRegistrarTests. To test the AOT processor, all
that is really necessary is to assert that the expected types are
found and passed to BindableRuntimeHintsRegistrar. The tests for
BindableRuntimeHintsRegistrar are then responsible for asserting
that the expected hints are generated for the various different
types.
Closes gh-35645
Update `SpringApplication.run` to that it returns a wrapper which
provides access to the `ApplicationContext` rather than the
`ApplicationContext` directly.
This should provide a natural place to add more accessors in the future
should we need to.
Closes gh-35451
This commit returns the running application context when running an
application via SpringApplication#from so that it is consistent with
the regular SpringApplication#run.
Closes gh-35203
Update `SslOptions` so that `null` is used for default values rather
than empty sets. Most libraries use `null` to indicate defaults so
aligning our class makes things easier.
See gh-34814
Update Tomcat, Jetty, Undertow and Netty servers so that an SslBundle
is used to apply SSL configuration. Existing `Ssl` properties are
internally adapted to an `SslBundle` using the `WebServerSslBundle`
class. Additionally, if `Ssl.getBundle()` returns a non-null value the
the `SslBundles` bean will be used to find a registered bundle by name.
See gh-34814
Add classes to support SSL bundles which can be used to apply SSL
settings in a centralized way. An `SslBundle` can be registered with
an `SslBundleRegistry` and obtained from an `SslBundles` instance. The
`DefaultSslBundleRegistry` provides a default in-memory implementation.
Different client libraries often configure SSL in slightly different
ways. To accommodate this, the `SslBundle` provides a layered approach
of obtaining SSL information:
- `getStores` provides access to the key store and trust stores
as well as any required key store password.
- `getManagers` provides access to the `KeyManagerFactory`,
`TrustManagerFactory` as well as the `KeyManger` and
`TrustManager` arrays that they create.
- `createSslContext` provides a convenient way to obtain a new
`SSLContext` instance.
In addition, the `SslBundle` also provides details about the key being
used, the protocol to use and any options that should be applied to the
SSL engine.
See gh-34814
This reverts commit 25e8f2d575, reversing
changes made to e5bc9a2fcb.
Unfortunately, upon additional review we realised that these changes
should not have been accepted. They're a partial implementation of
support for programmatically configuring Logback, implemented in a way
that only works during AOT processing and also potentially makes it
harder for us to implement full support in the future.
Closes gh-34361
This commit includes a change to stop using an API in Logback that
has been deprecated without replacement. As Logback now only supports
.xml configuration files, it would only ever have thrown an
exception. The call to the API has been replaced with thrown an
exception directly.
Closes gh-34686
This commit includes a change to stop using an API in Logback that
has been deprecated without replacement. As Logback now only supports
.xml configuration files, it would only ever have thrown an
exception. The call to the API has been replaced with thrown an
exception directly.
Closes gh-34670
Update `StandardConfigDataResource` so that the underlying file is
considered in equals/hashcode. Prior to this commit, if the classpath
included `.` then the same resource could be loaded twice. Once via
a `ClassPathResource` and once via a `FileSystemResource`.
Fixes gh-34212
If the name is set, it is used. If not, the bean name is used. If that's
not set, the convention based name is taken.
Registration failures now throw an IllegalStateException instead of
being logged. DynamicRegistrationBean.setIgnoreRegistrationFailure
can be used to restore the old behavior.
See gh-33911
Remove instance suppliers in bean definitions and depend instead
on reflection. This allows the AOT engine to correctly process
the definitions.
Fixes gh-33763
Update `DefaultBindConstructorProvider` so that deduced constructors
are not used if there is an existing value.
Prior to this commit, constructor detection logic was not compatible
with earlier versions of Spring Boot. With Spring Boot 3.0.1, given
a class of the following form:
@ConfigurationProperties(prefix = "example")
public class ExampleProperties {
@NestedConfigurationProperty
private final NestedProperty nested = new NestedProperty(
"Default", "default");
public NestedProperty getNested() {
return nested;
}
}
If `NestedProperty` has a single constructor with arguments, constructor
binding would be used. In Spring Boot 2.x, setter injection would have
been used.
The updated code now only uses constructor injection if an explicit
`@ConstructorBinding` annotation is present, or if there is no existing
value.
Fixes gh-33409
See gh-33710
Update `DefaultBindConstructorProvider` so that it no longer detects
constructors when the `Bindable` has an existing value. This update
allows us change `ConfigurationPropertiesBindingPostProcessor` and
related classes so that all instances created from `@Bean` methods
are treated as `JAVA_BEAN` bindings and will not be accidentally
re-created using constructor binding.
Fixes gh-33710
Add `SpringProfileIfNestedWithinSecondPhaseElementSanityChecker` which
will provide a warning if `<springProfile>` is used within a phase 2
model element. This is similar to Logback's own `<if>` warnings.
The `LogbackLoggingSystem` has also been updated so that warning are
printed when present.
Fixes gh-33610
Switch `model.markAsSkipped` to `model.deepMarkAsSkipped` in
`SpringProfileModelHandler`.
Although the current call doesn't appear to be causing issues,
it seems best to align our <springProfile> support with the way
that Logback implements its own `<if>` support.
Closes gh-33618
Prior to this change, when using spring-boot-starter-logging, JBoss
Logging would route like this:
JBoss Logging -> Log4j2 API -> SLF4J -> Logback
This is inefficient as there's no need for it to go via the Log4j2
API.
This commit updates the Logback logging system to configure a system
property that controls JBoss's routing. With this change in place,
JBoss Logging will route like this:
JBoss Logging -> SLF4J -> Logback
Closes gh-33155
Update `@Autowired` detection logic to consider all constructors and to
search user classes.
Fixes gh-33061
Co-authored-by: Phillip Webb <pwebb@vmware.com>
In Tomcat 10.0, reflection hints on Http11AprProtocol were
registering hints on AbstractProtocol as a side effect.
Tomcat 10.1 removed this protocol and related hints, breaking
Http11NioProtocol usage in Spring Boot.
This commit contributes reflection hints for protocol properties
accessed reflectively from org.apache.catalina.connector.Connector.
See gh-33064
Reorder `SpringBootJoranConfigurator.addModelHandlerAssociations` so
that handlers are added before calling the super method. Prior to this
commit, handlers were added behind filters which prevented them from
being used in `<if>` blocks.
Fixes gh-33028
Commit 29f085bd1a690ff7281e00b3a925e1160850ffbb in Spring Framework
automatically registers hints for enclosing directories. This fixes the
tests to use a contains instead of exact match.
Commit 29f085bd1a690ff7281e00b3a925e1160850ffbb in Spring Framework
automatically registers hints for enclosing directories. This fixes the
tests to expect hints for those directories as well.
Without those changes, if @AutoConfigureTestDatabase is used, the
native image build process fails with:
EmbeddedDatabaseConnection was unintentionally initialized at build
time.
Closes gh-32865
Update `EventPublishingRunListener` to ensure that application event
listeners are always refreshed before multicasting initial events.
Prior to this commit, refreshing occurred after multicasting which
meant that listeners added by a different `SpringApplicationRunListener`
would not be picked up. This caused properties from tests that have
`UseMainMethod` set to `ALWAYS` or `WHEN_AVAILABLE` to be missing.
Fixes gh-32860
Refactor the way `ClientHttpRequestFactory` instances are created in
order to support setting read timeouts.
Prior to this commit, the reflection based approach would call
`setReadTimeout`. As of Spring Framework 6.0, the
`HttpComponentsClientHttpRequestFactory` class no longer supports this
approach. The timeout must be set on the `HttpClientConnectionManager`
used in the `HttpClient` which can be passed in to the constructor.
In order to support this approach, the `ClientHttpRequestFactory` can
now be created using a `Function` rather than a `Supplier`. The
function accepts a `ClientHttpRequestFactorySettings` which provides
the timeout settings to apply.
The `ClientHttpRequestFactories` utility class provides methods to
create `ClientHttpRequestFactory` instances that respect the settings.
Whenever possible, these are created without using reflection.
Fixes gh-32857
Co-authored-by: Phillip Webb <pwebb@vmware.com>
Logback can infer the Java class to which an XML tag should be mapped
by looking for a setter method on the class to which the parent tag
was mapped. This commits ensures that reflection hints are added for
such classes.
Fixes gh-32839
Relocate `ConfigurationPropertiesReflectionHintsProcessor` and refactor
it to be a general purpose `BindableRuntimeHintsRegistrar`.
Prior to this commit, `ConfigurationPropertiesReflectionHintsProcessor`
was used to declare binding hints for classes that were bound, but
might be `@ConfigurationProperties`. By moving and renaming the class,
it's now better aligned to the way it's used.
Support for `@NestedConfigurationProperties` has been implemented by
adding a `@Nestable` meta-annotation. This allow us to create the
appropriate hints, without the `Binder` needing to be directly aware of
the `@NestedConfigurationProperties` annotation.
Closes gh-32815
Spring Security now re-applies the authorization rules
to the error page by default. Additionally, it configures
RequestAttributeSecurityContextRepository as the default for
stateless applications allowing those applications to have access
to the original authentication during an error dispatch.
Closes gh-31703
Framework requires the `groupId` passed to the AOT processing
to be non-empty, so a default should be used if the build
system does not provide a value.
See gh-32696
Refine constructor binding detection logic so that `private`
constructors on member classes are no longer automatically picked for
constructor binding. This provides users a way of signalling that
they wish to use the constructor directly.
Closes gh-32639
Relocate `@ConstructorBinding` from the `boot.context.properties`
package to `boot.context.properties.bind` and update the
`DefaultBindConstructorProvider` to support it.
Closes gh-32660
Add a `SpringProfileArbiter` Log4j2 plugin which allows Log4j2
configuration to be included or skipped based on the active Spring
`Environment` profiles.
See gh-32734
Update `Log4J2LoggingSystem` to add the Spring `Environment` to Log4j2's
`LoggerContext`. This allow Log4j2 plugins to access the `Environment`
if they need it.
See gh-32731
Update `Log4J2LoggingSystem.getStandardConfigLocations()` so that
any configured 'log4j.configurationFile' system property is also
included as a location.
See gh-32730
Previously, the web server was stopped in the last smart lifecycle
phase with graceful shutdown having begun in the previous phase.
This lack of space between the two phases and after the stop phase
made it hard to for other smart lifecycles to be part of the
graceful shutdown process.
This commit moves stop to 1024 phases before the final phase and
graceful shutdown a further 1024 phases before that, allowing
other smart lifecycles to run between graceful shutdown and stop
and also after stop.
Closes gh-31714
This commit adds an AOT contribution that replaces the scanning of
@JsonMixin by a mapping in generated code. This makes sure that such
components are found in a native image.
Closes gh-32567
This commit migrates our remaining usage of the httpclient 4.x to use
instead httpclient5, now that the 4.x support has been removed in
`RestTemplate`.
Closes gh-32461
Prior to this commit, the `RestTemplateBuilder` would offer a generic
`setReadTimeout` method to configure the read timeout on the underlying
`ClientHttpRequestFactory`. This would be done in a reflective fashion,
considering that all implementations align with this behavior.
This option cannot be provided for HttpClient5 at the
`ClientHttpRequestFactory` level anymore, so this has been deprecated
in Spring Framework 6.0 and will log a warning. In order to align with
our existing behavior (throwing exceptions if the option cannot be set),
this commit ensures that exceptions are also thrown if the method is
marked as deprecated.
See gh-32461
As htttpclient 4.x is not supported anymore by `RestTemplate`, this
commit changes such dependencies to httpclient5 instead. In some cases,
the httpclient 4.x was transitively brought by a non-Spring dependency.
See gh-32461
With this commit, loading `@AutoConfiguration`,
`@ImportAutoConfiguration`, and `@ManagementContextConfiguration`
classes is supported with `.imports` files only. Support for loading
these classes with `spring.factories` is removed.
Closes gh-29699
Update `SpringBootContextLoader` so that it now implements the
`AotContextLoader` interface. The `ContextLoaderHook` will abandon
at `contextLoaded` if the test class is being AOT processed.
This commit also introduces a new `AotApplicationContextInitializer`
which allows us to plug-in an alternative AOT application context
listener when the `SpringApplication` is running in test mode.
Closes gh-31965
Create a new public SpringApplication Hook API based on the existing
`SpringApplicationRunListener` interface.
The previous package-private `SpringApplicationHooks` class has been
replaced with a public `SpringApplicationHook` interface which acts as
a factory that can create additional `SpringApplicationRunListener`
instances to hook in.
The boolean result from the previous `preRefresh` method has been
replaced with an `AbandonedRunException` which can be thrown from
the `SpringApplicationRunListener`.
Closes gh-32301
Arjen Poutsma
Arjen Poutsma
Andy Wilkinson
Johnny Lim
Ahmed Ashour
Eyðun Nielsen
Scott Frederick
ThomazPassarelli
Moritz Halbritter
Phillip Webb
Jonatan Ivanov
Stephane Nicoll
Sébastien Deleuze
Marc Leroux
kdomo
Abhijeet Mishra
Krzysztof Krason
1993heqiang
Yubao Liu
Luka Hartwig
lionel benychou
Kaveh Shamsi
cdanger
tumit
biergit
Madhura Bhave
Henning Poettker
Guirong Hu
Ralph Goers
Brian Clozel
dreis2211