Merge branch '1.5.x'

Author: philwebb

spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementWebSecurityAutoConfiguration.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2016 the original author or authors.
+ * Copyright 2012-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -257,10 +257,11 @@ private AuthenticationEntryPoint entryPoint() {
 
 private void configurePermittedRequests(
 ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests) {
+requests.requestMatchers(new LazyEndpointPathRequestMatcher(
+this.contextResolver, EndpointPaths.SENSITIVE)).authenticated();
 // Permit access to the non-sensitive endpoints
 requests.requestMatchers(new LazyEndpointPathRequestMatcher(
 this.contextResolver, EndpointPaths.NON_SENSITIVE)).permitAll();
-requests.anyRequest().authenticated();
 }
 
 }
@@ -276,6 +277,15 @@ protected boolean isIncluded(MvcEndpoint endpoint) {
 return !endpoint.isSensitive();
 }
 
+},
+
+SENSITIVE {
+
+@Override
+protected boolean isIncluded(MvcEndpoint endpoint) {
+return endpoint.isSensitive();
+}
+
 };
 
 public String[] getPaths(EndpointHandlerMapping endpointHandlerMapping) {
@@ -289,12 +299,9 @@ public String[] getPaths(EndpointHandlerMapping endpointHandlerMapping) {
 String path = endpointHandlerMapping.getPath(endpoint.getPath());
 paths.add(path);
 if (!path.equals("")) {
-if (endpoint.isSensitive()) {
-// Ensure that nested paths are secured
-paths.add(path + "/**");
-// Add Spring MVC-generated additional paths
-paths.add(path + ".*");
-}
+paths.add(path + "/**");
+// Add Spring MVC-generated additional paths
+paths.add(path + ".*");
 }
 paths.add(path + "/");
 }

spring-boot-autoconfigure/pom.xml

@@ -234,6 +234,11 @@
 <artifactId>sendgrid-java</artifactId>
 <optional>true</optional>
 </dependency>
+<dependency>
+<groupId>com.unboundid</groupId>
+<artifactId>unboundid-ldapsdk</artifactId>
+<optional>true</optional>
+</dependency>
 <dependency>
 <groupId>com.zaxxer</groupId>
 <artifactId>HikariCP-java6</artifactId>
@@ -382,6 +387,11 @@
 <artifactId>spring-data-cassandra</artifactId>
 <optional>true</optional>
 </dependency>
+<dependency>
+<groupId>org.springframework.data</groupId>
+<artifactId>spring-data-ldap</artifactId>
+<optional>true</optional>
+</dependency>
 <dependency>
 <groupId>org.springframework.data</groupId>
 <artifactId>spring-data-mongodb</artifactId>

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/data/ldap/LdapDataAutoConfiguration.java

@@ -0,0 +1,50 @@
+/*
+ * Copyright 2012-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.data.ldap;
+
+import javax.naming.ldap.LdapContext;
+
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.ldap.LdapAutoConfiguration;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.ldap.repository.LdapRepository;
+import org.springframework.ldap.core.ContextSource;
+import org.springframework.ldap.core.LdapOperations;
+import org.springframework.ldap.core.LdapTemplate;
+
+/**
+ * {@link EnableAutoConfiguration Auto-configuration} for Spring Data's LDAP support.
+ *
+ * @author Eddú Meléndez
+ * @since 1.5.0
+ */
+@Configuration
+@ConditionalOnClass({ LdapContext.class, LdapRepository.class })
+@AutoConfigureAfter(LdapAutoConfiguration.class)
+public class LdapDataAutoConfiguration {
+
+@Bean
+@ConditionalOnMissingBean(LdapOperations.class)
+public LdapTemplate ldapTemplate(ContextSource contextSource) {
+return new LdapTemplate(contextSource);
+}
+
+}

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/data/ldap/LdapRepositoriesAutoConfiguration.java

@@ -0,0 +1,44 @@
+/*
+ * Copyright 2012-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.data.ldap;
+
+import javax.naming.ldap.LdapContext;
+
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.data.ldap.repository.LdapRepository;
+import org.springframework.data.ldap.repository.support.LdapRepositoryFactoryBean;
+
+/**
+ * {@link EnableAutoConfiguration Auto-configuration} for Spring Data's Couchbase
+ * Repositories.
+ *
+ * @author Eddú Meléndez
+ * @since 1.5.0
+ */
+@Configuration
+@ConditionalOnClass({ LdapContext.class, LdapRepository.class })
+@ConditionalOnProperty(prefix = "spring.data.ldap.repositories", name = "enabled", havingValue = "true", matchIfMissing = true)
+@ConditionalOnMissingBean(LdapRepositoryFactoryBean.class)
+@Import(LdapRepositoriesRegistrar.class)
+public class LdapRepositoriesAutoConfiguration {
+
+}

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/data/ldap/LdapRepositoriesRegistrar.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright 2012-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.data.ldap;
+
+import java.lang.annotation.Annotation;
+
+import org.springframework.boot.autoconfigure.data.AbstractRepositoryConfigurationSourceSupport;
+import org.springframework.context.annotation.ImportBeanDefinitionRegistrar;
+import org.springframework.data.ldap.repository.config.EnableLdapRepositories;
+import org.springframework.data.ldap.repository.config.LdapRepositoryConfigurationExtension;
+import org.springframework.data.repository.config.RepositoryConfigurationExtension;
+
+/**
+ * {@link ImportBeanDefinitionRegistrar} used to auto-configure Spring Data LDAP
+ * Repositories.
+ *
+ * @author Eddú Meléndez
+ * @since 1.5.0
+ */
+class LdapRepositoriesRegistrar extends AbstractRepositoryConfigurationSourceSupport {
+
+@Override
+protected Class<? extends Annotation> getAnnotation() {
+return EnableLdapRepositories.class;
+}
+
+@Override
+protected Class<?> getConfiguration() {
+return EnableLdapRepositoriesConfiguration.class;
+}
+
+@Override
+protected RepositoryConfigurationExtension getRepositoryConfigurationExtension() {
+return new LdapRepositoryConfigurationExtension();
+}
+
+@EnableLdapRepositories
+private static class EnableLdapRepositoriesConfiguration {
+
+}
+
+}

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/data/ldap/package-info.java

@@ -0,0 +1,20 @@
+/*
+ * Copyright 2012-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Auto-configuration for Spring Data LDAP.
+ */
+package org.springframework.boot.autoconfigure.data.ldap;

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/ldap/LdapAutoConfiguration.java

@@ -0,0 +1,64 @@
+/*
+ * Copyright 2012-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.ldap;
+
+import java.util.Collections;
+
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.env.Environment;
+import org.springframework.ldap.core.ContextSource;
+import org.springframework.ldap.core.support.LdapContextSource;
+
+/**
+ * {@link EnableAutoConfiguration Auto-configuration} for LDAP.
+ *
+ * @author Eddú Meléndez
+ * @since 1.5.0
+ */
+@Configuration
+@ConditionalOnClass(ContextSource.class)
+@EnableConfigurationProperties(LdapProperties.class)
+public class LdapAutoConfiguration {
+
+private final LdapProperties properties;
+
+private final Environment environment;
+
+public LdapAutoConfiguration(LdapProperties properties, Environment environment) {
+this.properties = properties;
+this.environment = environment;
+}
+
+@Bean
+@ConditionalOnMissingBean
+public ContextSource ldapContextSource() {
+LdapContextSource source = new LdapContextSource();
+source.setUserDn(this.properties.getUsername());
+source.setPassword(this.properties.getPassword());
+source.setBase(this.properties.getBase());
+source.setUrls(this.properties.determineUrls(this.environment));
+source.setBaseEnvironmentProperties(Collections
+.<String, Object>unmodifiableMap(this.properties.getBaseEnvironment()));
+return source;
+}
+
+}