Upgrade Spring Boot to 2.0.0.M4

Closes gh-877

gradle.properties

@@ -1,2 +1,2 @@
-springBootVersion=2.0.0.M3
+springBootVersion=2.0.0.M4
 version=2.0.0.BUILD-SNAPSHOT

samples/boot/findbyusername/spring-session-sample-boot-findbyusername.gradle

@@ -1,7 +1,5 @@
 apply plugin: 'io.spring.convention.spring-sample-boot'
 
-ext['spring-data-releasetrain.version'] = 'Kay-RC3'
-
 dependencies {
 	compile project(':spring-session-data-redis')
 	compile "org.springframework.boot:spring-boot-starter-web"

samples/boot/findbyusername/src/main/java/sample/config/SecurityConfig.java

@@ -16,27 +16,46 @@
 
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
+ * Spring Security configuration.
+ *
  * @author Rob Winch
+ * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+	@Bean
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
+	// @formatter:off
 	// tag::config[]
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
 			.formLogin()
 				.loginPage("/login")
-				.permitAll()
-				.and()
-			.authorizeRequests()
-				.anyRequest().authenticated();
+				.permitAll();
 	}
 	// end::config[]
+	// @formatter:on
 
 }

samples/boot/findbyusername/src/main/resources/application.properties

@@ -1,2 +0,0 @@
-spring.session.store-type=redis
-security.user.password=password

samples/boot/jdbc/src/main/java/sample/config/SecurityConfig.java

@@ -16,17 +16,33 @@
 
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
+ * Spring Security configuration.
+ *
  * @author Rob Winch
  * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+	@Bean
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
 	// @formatter:off
 	@Override
 	public void configure(WebSecurity web) throws Exception {
@@ -35,4 +51,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	}
 	// @formatter:on
 
+	// @formatter:off
+	// tag::config[]
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
+			.formLogin()
+				.permitAll();
+	}
+	// end::config[]
+	// @formatter:on
+
 }

samples/boot/jdbc/src/main/resources/application.properties

@@ -1,3 +1 @@
-spring.session.store-type=jdbc
-security.user.password=password
 spring.h2.console.enabled=true

samples/boot/redis-json/spring-session-sample-boot-redis-json.gradle

@@ -1,7 +1,5 @@
 apply plugin: 'io.spring.convention.spring-sample-boot'
 
-ext['spring-data-releasetrain.version'] = 'Kay-RC3'
-
 dependencies {
 	compile project(':spring-session-data-redis')
 	compile "org.springframework.boot:spring-boot-starter-web"

samples/boot/redis-json/src/main/java/sample/config/SecurityConfig.java

@@ -13,28 +13,46 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
- * @author jitendra on 3/3/16.
+ * Spring Security configuration.
+ *
+ * @author jitendra
+ * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+	@Bean
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
 	// @formatter:off
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
 			.formLogin()
 				.loginPage("/login")
-				.permitAll()
-				.and()
-			.authorizeRequests()
-				.anyRequest().authenticated();
+				.permitAll();
 	}
 	// @formatter:on
 

samples/boot/redis-json/src/main/resources/application.properties

@@ -1,2 +0,0 @@
-spring.session.store-type=redis
-security.user.password=password

samples/boot/redis/spring-session-sample-boot-redis.gradle

@@ -1,7 +1,5 @@
 apply plugin: 'io.spring.convention.spring-sample-boot'
 
-ext['spring-data-releasetrain.version'] = 'Kay-RC3'
-
 dependencies {
 	compile project(':spring-session-data-redis')
 	compile "org.springframework.boot:spring-boot-starter-web"

samples/boot/redis/src/main/java/sample/config/SecurityConfig.java

@@ -16,12 +16,45 @@
 
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
+ * Spring Security configuration.
+ *
  * @author Rob Winch
+ * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+	@Bean
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
+	// @formatter:off
+	// tag::config[]
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
+			.formLogin()
+				.permitAll();
+	}
+	// end::config[]
+	// @formatter:on
+
 }

samples/boot/redis/src/main/resources/application.properties

@@ -1,2 +0,0 @@
-spring.session.store-type=redis
-security.user.password=password

samples/boot/websocket/spring-session-sample-boot-websocket.gradle

@@ -1,7 +1,5 @@
 apply plugin: 'io.spring.convention.spring-sample-boot'
 
-ext['spring-data-releasetrain.version'] = 'Kay-RC3'
-
 dependencies {
 	compile project(':spring-session-data-redis')
 	compile "org.springframework.boot:spring-boot-starter-web"

samples/boot/websocket/src/main/java/sample/config/WebSecurityConfig.java

@@ -17,25 +17,30 @@
 package sample.config;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 @Configuration
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
-	// @formatter:off
-	@Override
-	public void configure(WebSecurity web) throws Exception {
-		web
-			.ignoring().antMatchers("/h2-console/**");
+	@Bean
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
 	}
-	// @formatter:on
 
 	// @formatter:off
 	@Autowired
@@ -47,4 +52,25 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 	}
 	// @formatter:on
 
+	// @formatter:off
+	@Override
+	public void configure(WebSecurity web) throws Exception {
+		web
+			.ignoring().antMatchers("/h2-console/**");
+	}
+	// @formatter:on
+
+	// @formatter:off
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
+			.formLogin()
+				.permitAll();
+	}
+	// @formatter:on
+
 }

samples/boot/websocket/src/main/resources/application.properties

@@ -1,3 +1,2 @@
-spring.session.store-type=redis
 #server.session.timeout=60
 spring.h2.console.enabled=true