Add End-of-Life Notice

Remove from CI
Update Jenkinsfile to use explicit JAVA_HOME
2020-11-18 12:59:08 +01:00 · 2020-11-18 12:57:23 +01:00 · 2019-05-27 09:47:22 +02:00 · 2019-04-02 16:59:33 -04:00 · 2019-04-02 16:36:30 -04:00 · 2019-04-02 16:15:42 -04:00
354 changed files with 3054 additions and 1976 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,19 @@
+root = true
+
+[*]
+end_of_line = lf
+trim_trailing_whitespace = true
+insert_final_newline = true
+max_line_length = 120
+
+[*.java]
+indent_style = tab
+indent_size = 4
+charset = latin1
+continuation_indent_size = 8
+
+[*.xml]
+indent_style = tab
+indent_size = 4
+charset = latin1
+continuation_indent_size = 8
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -1,3 +1,7 @@
+<!--
+For Security Vulnerabilities, please use https://pivotal.io/security#reporting
+-->
+
 <!--
 Thanks for raising a Spring Session issue. Please provide a brief description of your problem along with the version of Spring Session that you are using. If possible, please also consider putting together a sample application that reproduces the issue.
 -->
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,3 +1,7 @@
+<!--
+For Security Vulnerabilities, please use https://pivotal.io/security#reporting
+-->
+
 <!--
 Thanks for contributing to Spring Session. Please provide a brief description of your pull-request and reference any related issue numbers (prefix references with #).
 -->
--- a/.gitignore
+++ b/.gitignore
@@ -10,6 +10,6 @@ target
 out
 .springBeans
 *.rdb
-!eclispe/.checkstyle
 .checkstyle
+!etc/eclipse/.checkstyle
 !**/src/**/build
--- a/CODE_OF_CONDUCT.adoc
+++ b/CODE_OF_CONDUCT.adoc
@@ -40,5 +40,5 @@ appropriate to the circumstances. Maintainers are obligated to maintain confiden
 with regard to the reporter of an incident.

 This Code of Conduct is adapted from the
-http://contributor-covenant.org[Contributor Covenant], version 1.3.0, available at
-http://contributor-covenant.org/version/1/3/0/[contributor-covenant.org/version/1/3/0/]
+https://contributor-covenant.org[Contributor Covenant], version 1.3.0, available at
+https://contributor-covenant.org/version/1/3/0/[contributor-covenant.org/version/1/3/0/]
--- a/CONTRIBUTING.adoc
+++ b/CONTRIBUTING.adoc
@@ -10,8 +10,8 @@ By participating, you  are expected to uphold this code. Please report unaccepta
 == Using GitHub issues

 We use GitHub issues to track bugs and enhancements. If you have a general usage question
-please ask on http://stackoverflow.com[Stack Overflow]. The Spring Session team and the
-broader community monitor the http://stackoverflow.com/tags/spring-session[`spring-session`]
+please ask on https://stackoverflow.com[Stack Overflow]. The Spring Session team and the
+broader community monitor the https://stackoverflow.com/tags/spring-session[`spring-session`]
 tag.

 If you are reporting a bug, please help to speed up problem diagnosis by providing as much
--- a/88
+++ b/88
@@ -1,88 +0,0 @@
-def projectProperties = [
-	[$class: 'BuildDiscarderProperty',
-		strategy: [$class: 'LogRotator', numToKeepStr: '5']],
-	pipelineTriggers([cron('@daily')])
-]
-properties(projectProperties)
-
-def SUCCESS = hudson.model.Result.SUCCESS.toString()
-currentBuild.result = SUCCESS
-
-try {
-	parallel check: {
-		stage('Check') {
-			node {
-				checkout scm
-				try {
-					sh "./gradlew clean check  --refresh-dependencies --no-daemon"
-				} catch(Exception e) {
-					currentBuild.result = 'FAILED: check'
-					throw e
-				} finally {
-					junit '**/build/*-results/*.xml'
-				}
-			}
-		}
-	},
-	springio: {
-		stage('Spring IO') {
-			node {
-				checkout scm
-				try {
-					sh "./gradlew clean springIoCheck -PplatformVersion=Cairo-BUILD-SNAPSHOT -PexcludeProjects='**/samples/**' --refresh-dependencies --no-daemon --stacktrace"
-				} catch(Exception e) {
-					currentBuild.result = 'FAILED: springio'
-					throw e
-				} finally {
-					junit '**/build/spring-io*-results/*.xml'
-				}
-			}
-		}
-	}
-
-	if(currentBuild.result == 'SUCCESS') {
-		parallel artifactory: {
-			stage('Artifactory Deploy') {
-				node {
-					checkout scm
-					withCredentials([usernamePassword(credentialsId: '02bd1690-b54f-4c9f-819d-a77cb7a9822c', usernameVariable: 'ARTIFACTORY_USERNAME', passwordVariable: 'ARTIFACTORY_PASSWORD')]) {
-						sh "./gradlew artifactoryPublish -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --no-daemon --stacktrace"
-					}
-				}
-			}
-		},
-		docs: {
-			stage('Deploy Docs') {
-				node {
-					checkout scm
-					withCredentials([file(credentialsId: 'docs.spring.io-jenkins_private_ssh_key', variable: 'DEPLOY_SSH_KEY')]) {
-						sh "./gradlew deployDocs -PdeployDocsSshKeyPath=$DEPLOY_SSH_KEY -PdeployDocsSshUsername=$SPRING_DOCS_USERNAME --refresh-dependencies --no-daemon --stacktrace"
-					}
-				}
-			}
-		}
-	}
-} finally {
-	def buildStatus = currentBuild.result
-	def buildNotSuccess =  !SUCCESS.equals(buildStatus)
-	def lastBuildNotSuccess = !SUCCESS.equals(currentBuild.previousBuild?.result)
-
-	if(buildNotSuccess || lastBuildNotSuccess) {
-
-		stage('Notifiy') {
-			node {
-				final def RECIPIENTS = [[$class: 'DevelopersRecipientProvider'], [$class: 'RequesterRecipientProvider']]
-
-				def subject = "${buildStatus}: Build ${env.JOB_NAME} ${env.BUILD_NUMBER} status is now ${buildStatus}"
-				def details = """The build status changed to ${buildStatus}. For details see ${env.BUILD_URL}"""
-
-				emailext (
-					subject: subject,
-					body: details,
-					recipientProviders: RECIPIENTS,
-					to: "$SPRING_SESSION_TEAM_EMAILS"
-				)
-			}
-		}
-	}
-}
--- a/LICENSE.txt
+++ b/LICENSE.txt
@@ -1,7 +1,7 @@

                                 Apache License
                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
+                        https://www.apache.org/licenses/

   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

@@ -193,7 +193,7 @@
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

-       http://www.apache.org/licenses/LICENSE-2.0
+       https://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
--- a/README.adoc
+++ b/README.adoc
@@ -1,3 +1,9 @@
+[NOTE]
+======
+This branch of Spring Session has reached its https://github.com/spring-projects/spring-boot/wiki/Supported-Versions[End of Life], meaning that there are no further maintenance releases or security patches planned.
+Please migrate to a supported branch as soon as possible.
+======
+
 = Spring Session

 image:https://travis-ci.org/spring-projects/spring-session.svg?branch=master["Build Status", link="https://travis-ci.org/spring-projects/spring-session"] image:https://badges.gitter.im/spring-projects/spring-session.svg[link="https://gitter.im/spring-projects/spring-session?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge"]
@@ -25,8 +31,8 @@ By participating, you  are expected to uphold this code. Please report unaccepta

 == Spring Session Project Site

-You can find the documentation, issue management, support, samples, and guides for using Spring Session at http://projects.spring.io/spring-session/
+You can find the documentation, issue management, support, samples, and guides for using Spring Session at https://projects.spring.io/spring-session/

 == License

-Spring Session is Open Source software released under the http://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].
+Spring Session is Open Source software released under the https://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].
--- a/build.gradle
+++ b/build.gradle
@@ -1,9 +1,10 @@
 buildscript {
 	dependencies {
-		classpath 'io.spring.gradle:spring-build-conventions:0.0.8.RELEASE'
+		classpath 'io.spring.gradle:spring-build-conventions:0.0.25.RELEASE'
 		classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion"
 	}
 	repositories {
+		gradlePluginPortal()
 		maven { url 'https://repo.spring.io/plugins-release' }
 	}
 }
@@ -12,9 +13,6 @@ apply plugin: 'io.spring.convention.root'
 group = 'org.springframework.session'
 description = 'Spring Session'

-
 ext.releaseBuild = version.endsWith('RELEASE')
 ext.snapshotBuild = version.endsWith('SNAPSHOT')
 ext.milestoneBuild = !(releaseBuild || snapshotBuild)
-
-
--- a/docs/spring-session-docs.gradle
+++ b/docs/spring-session-docs.gradle
@@ -38,6 +38,7 @@ asciidoctor {
 			'lettuce-version': versions['io.lettuce:lettuce-core'],
 			'samples-dir': "$rootProject.projectDir.path/samples/",
 			'session-jdbc-main-resources-dir': "${project(':spring-session-jdbc').projectDir.path}/src/main/resources/",
+			'spring-boot-version': project.springBootVersion,
 			'spring-data-redis-version': versions['org.springframework.data:spring-data-redis'],
 			'spring-framework-version': versions['org.springframework:spring-core'],
 			'spring-security-version': versions['org.springframework.security:spring-security-core'],
--- a/docs/src/docs/asciidoc/guides/boot-findbyusername.adoc
+++ b/docs/src/docs/asciidoc/guides/boot-findbyusername.adoc
@@ -114,7 +114,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:findbyusername:tomcatRun
+$ ./gradlew :spring-session-sample-boot-findbyusername:bootRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/boot-jdbc.adoc
+++ b/docs/src/docs/asciidoc/guides/boot-jdbc.adoc
@@ -37,7 +37,7 @@ Thanks to first-class auto configuration support, setting up Spring Session back

 .src/main/resources/application.properties
 ----
-spring.session.store-type=jdbc
+spring.session.store-type=jdbc # Session store type.
 ----

 Under the hood, Spring Boot will apply configuration that is equivalent to manually adding `@EnableJdbcHttpSession` annotation.
@@ -48,10 +48,10 @@ Further customization is possible using `application.properties`:

 .src/main/resources/application.properties
 ----
-server.session.timeout= # Session timeout in seconds.
-spring.session.jdbc.initializer.enabled= # Create the required session tables on startup if necessary. Enabled automatically if the default table name is set or a custom schema is configured.
+server.servlet.session.timeout= # Session timeout. If a duration suffix is not specified, seconds will be used.
+spring.session.jdbc.initialize-schema=embedded # Database schema initialization mode.
 spring.session.jdbc.schema=classpath:org/springframework/session/jdbc/schema-@@platform@@.sql # Path to the SQL file to use to initialize the database schema.
-spring.session.jdbc.table-name=SPRING_SESSION # Name of database table used to store sessions.
+spring.session.jdbc.table-name=SPRING_SESSION # Name of the database table used to store sessions.
 ----

 For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-session[Spring Session] portion of the Spring Boot documentation.
@@ -65,9 +65,9 @@ For example, you can include the following in your *application.properties*

 .src/main/resources/application.properties
 ----
-spring.datasource.url=jdbc:postgresql://localhost:5432/myapp
-spring.datasource.username=myapp
-spring.datasource.password=secret
+spring.datasource.url= # JDBC URL of the database.
+spring.datasource.username= # Login username of the database.
+spring.datasource.password= # Login password of the database.
 ----

 For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-configure-datasource[Configure a DataSource] portion of the Spring Boot documentation.
@@ -95,7 +95,7 @@ The httpsession-jdbc-boot Sample Application demonstrates how to use Spring Sess
 You can run the sample by obtaining the {download-url}[source code] and invoking the following command:

 ----
-$ ./gradlew :samples:httpsession-jdbc-boot:bootRun
+$ ./gradlew :spring-session-sample-boot-jdbc:bootRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/boot-redis.adoc
+++ b/docs/src/docs/asciidoc/guides/boot-redis.adoc
@@ -35,7 +35,7 @@ Thanks to first-class auto configuration support, setting up Spring Session back

 .src/main/resources/application.properties
 ----
-spring.session.store-type=redis
+spring.session.store-type=redis # Session store type.
 ----

 Under the hood, Spring Boot will apply configuration that is equivalent to manually adding `@EnableRedisHttpSession` annotation.
@@ -46,9 +46,9 @@ Further customization is possible using `application.properties`:

 .src/main/resources/application.properties
 ----
-server.session.timeout= # Session timeout in seconds.
-spring.session.redis.flush-mode= # Sessions flush mode.
-spring.session.redis.namespace= # Namespace for keys used to store sessions.
+server.servlet.session.timeout= # Session timeout. If a duration suffix is not specified, seconds will be used.
+spring.session.redis.flush-mode=on-save # Sessions flush mode.
+spring.session.redis.namespace=spring:session # Namespace for keys used to store sessions.
 ----

 For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-session[Spring Session] portion of the Spring Boot documentation.
@@ -62,9 +62,9 @@ For example, you can include the following in your *application.properties*

 .src/main/resources/application.properties
 ----
-spring.redis.host=localhost
-spring.redis.password=secret
-spring.redis.port=6379
+spring.redis.host=localhost # Redis server host.
+spring.redis.password= # Login password of the redis server.
+spring.redis.port=6379 # Redis server port.
 ----

 For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-connecting-to-redis[Connecting to Redis] portion of the Spring Boot documentation.
@@ -97,7 +97,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:boot:bootRun
+$ ./gradlew :spring-session-sample-boot-redis:bootRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/boot-websocket.adoc
+++ b/docs/src/docs/asciidoc/guides/boot-websocket.adoc
@@ -24,7 +24,7 @@ Please make sure you have already integrated Spring Session with the HttpSession
 [[websocket-spring-configuration]]
 == Spring Configuration

-In a typical Spring WebSocket application users would extend `AbstractWebSocketMessageBrokerConfigurer`.
+In a typical Spring WebSocket application users would implement `WebSocketMessageBrokerConfigurer`.
 For example, the configuration might look something like the following:

 [source,java]
@@ -43,7 +43,7 @@ include::{samples-dir}boot/websocket/src/main/java/sample/config/WebSocketConfig

 To hook in the Spring Session support we only need to change two things:

-<1> Instead of extending `AbstractWebSocketMessageBrokerConfigurer` we extend `AbstractSessionWebSocketMessageBrokerConfigurer`
+<1> Instead of implementing `WebSocketMessageBrokerConfigurer` we extend `AbstractSessionWebSocketMessageBrokerConfigurer`
 <2> We rename the `registerStompEndpoints` method to `configureStompEndpoints`

 What does `AbstractSessionWebSocketMessageBrokerConfigurer` do behind the scenes?
@@ -77,7 +77,7 @@ For the purposes of testing session expiration, you may want to change the sessi

 .src/main/resources/application.properties
 ----
-server.session.timeout=60
+server.servlet.session.timeout=1m # Session timeout. If a duration suffix is not specified, seconds will be used.
 ----
 ====

@@ -89,7 +89,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:websocket:bootRun
+$ ./gradlew :spring-session-sample-boot-websocket:bootRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/grails3.adoc
+++ b/docs/src/docs/asciidoc/guides/grails3.adoc
@@ -90,7 +90,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:grails3:bootRun
+$ ./gradlew :spring-session-sample-misc-grails3:bootRun
 ----

 You should now be able to access the application at http://localhost:8080/test/index
--- a/docs/src/docs/asciidoc/guides/java-custom-cookie.adoc
+++ b/docs/src/docs/asciidoc/guides/java-custom-cookie.adoc
@@ -27,7 +27,7 @@ This allows sharing a session across domains and applications.
 If the regular expression does not match, no domain is set and the existing domain will be used.
 If the regular expression matches, the first https://docs.oracle.com/javase/tutorial/essential/regex/groups.html[grouping] will be used as the domain.
 This means that a request to https://child.example.com will set the domain to example.com.
-However, a request to http://localhost:8080/ or http://192.168.1.100:8080/ will leave the cookie unset and thus still work in development without any changes necessary for production.
+However, a request to http://localhost:8080/ or https://192.168.1.100:8080/ will leave the cookie unset and thus still work in development without any changes necessary for production.

 [WARNING]
 ====
@@ -84,7 +84,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:custom-cookie:tomcatRun
+$ ./gradlew :spring-session-sample-javaconfig-custom-cookie:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/java-hazelcast.adoc
+++ b/docs/src/docs/asciidoc/guides/java-hazelcast.adoc
@@ -85,7 +85,7 @@ In this instance Spring Session is backed by Hazelcast.
 Spring Session provides `PrincipalNameExtractor` for this purpose.
 <3> We create a `HazelcastInstance` that connects Spring Session to Hazelcast.
 By default, an embedded instance of Hazelcast is started and connected to by the application.
-For more information on configuring Hazelcast, refer to the http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[reference documentation].
+For more information on configuring Hazelcast, refer to the https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[reference documentation].

 == Servlet Container Initialization

@@ -130,11 +130,11 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 ====
 Hazelcast will run in embedded mode with your application by default, but if you want to connect
 to a stand alone instance instead, you can configure it by following the instructions in the
-http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[reference documentation].
+https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[reference documentation].
 ====

 ----
-$ ./gradlew :samples:hazelcast-spring:tomcatRun
+$ ./gradlew :spring-session-sample-javaconfig-hazelcast:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
@@ -161,9 +161,9 @@ Go ahead and view the cookies (click for help with https://developers.google.com

 === Interact with the data store

-If you like, you can remove the session using http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-java-client[a Java client],
-http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#other-client-implementations[one of the other clients], or the
-http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#management-center[management center].
+If you like, you can remove the session using https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-java-client[a Java client],
+https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#other-client-implementations[one of the other clients], or the
+https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#management-center[management center].

 ==== Using the console

@@ -172,7 +172,7 @@ For example, using the management center console after connecting to your Hazelc
 	default> ns spring:session:sessions
 	spring:session:sessions> m.clear

-TIP: The Hazelcast documentation has instructions for http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#executing-console-commands[the console].
+TIP: The Hazelcast documentation has instructions for https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#executing-console-commands[the console].

 Alternatively, you can also delete the explicit key. Enter the following into the console ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:

@@ -183,7 +183,7 @@ Now visit the application at http://localhost:8080/ and observe that we are no l
 ==== Using the REST API

 As described in the other clients section of the documentation, there is a 
-http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#rest-client[REST API]
+https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#rest-client[REST API]
 provided by the Hazelcast node(s).

 For example, you could delete an individual key as follows (replacing `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie):
--- a/docs/src/docs/asciidoc/guides/java-jdbc.adoc
+++ b/docs/src/docs/asciidoc/guides/java-jdbc.adoc
@@ -119,7 +119,7 @@ This ensures that the Spring Bean by the name `springSessionRepositoryFilter` is
 You can run the sample by obtaining the {download-url}[source code] and invoking the following command:

 ----
-$ ./gradlew :samples:httpsession-jdbc:tomcatRun
+$ ./gradlew :spring-session-sample-javaconfig-jdbc:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/java-redis.adoc
+++ b/docs/src/docs/asciidoc/guides/java-redis.adoc
@@ -131,7 +131,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:httpsession:tomcatRun
+$ ./gradlew :spring-session-sample-javaconfig-redis:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/java-rest.adoc
+++ b/docs/src/docs/asciidoc/guides/java-rest.adoc
@@ -132,7 +132,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:rest:tomcatRun
+$ ./gradlew :spring-session-sample-javaconfig-rest:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/java-security.adoc
+++ b/docs/src/docs/asciidoc/guides/java-security.adoc
@@ -136,7 +136,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:security:tomcatRun
+$ ./gradlew :spring-session-sample-javaconfig-security:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/xml-jdbc.adoc
+++ b/docs/src/docs/asciidoc/guides/xml-jdbc.adoc
@@ -129,7 +129,7 @@ For every request that `DelegatingFilterProxy` is invoked, the `springSessionRep
 You can run the sample by obtaining the {download-url}[source code] and invoking the following command:

 ----
-$ ./gradlew :samples:httpsession-jdbc-xml:tomcatRun
+$ ./gradlew :spring-session-sample-xml-jdbc:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/guides/xml-redis.adoc
+++ b/docs/src/docs/asciidoc/guides/xml-redis.adoc
@@ -139,7 +139,7 @@ Another option is to use https://www.docker.com/[Docker] to run Redis on localho
 ====

 ----
-$ ./gradlew :samples:httpsession-xml:tomcatRun
+$ ./gradlew :spring-session-sample-xml-redis:tomcatRun
 ----

 You should now be able to access the application at http://localhost:8080/
--- a/docs/src/docs/asciidoc/index.adoc
+++ b/docs/src/docs/asciidoc/index.adoc
@@ -147,11 +147,12 @@ As a part of this split, the Spring Session Data MongoDB and Spring Session Data
 * https://github.com/spring-projects/spring-session-data-mongodb[`spring-session-data-mongodb` repository]
 ** Hosts Spring Session Data MongoDB module
 * https://github.com/spring-projects/spring-session-data-geode[`spring-session-data-geode` repository]
-** Hosts Spring Session Data Geode/GemFire module
+** Hosts Spring Session Data Geode and Spring Session Data Geode modules

-Going forward, the plan is to externalize each of the `SessionRepository` implementations into a dedicated repository and provide a Maven BOM (as in "bill of materials") module in order to help users with version management concerns.
+Finally, Spring Session now also provides a Maven BOM (as in "bill of materials") module in order to help users with version management concerns:

-Modules maintained by the members of Spring Team will be hosted within the https://github.com/spring-projects[`spring-projects` organization], while the community maintained modules will continue to be promoted via <<community-extensions,Community Extensions>> section of this manual.
+* https://github.com/spring-projects/spring-session-bom[`spring-session-bom` repository]
+** Hosts Spring Session BOM module

 [[httpsession]]
 == HttpSession Integration
@@ -1100,7 +1101,7 @@ A typical example of how to create a new instance can be seen below:
 include::{indexdoc-tests}[tags=new-hazelcastsessionrepository]
 ----

-For additional information on how to create and configure Hazelcast instance, refer to the http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[Hazelcast documentation].
+For additional information on how to create and configure Hazelcast instance, refer to the https://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[Hazelcast documentation].

 [[api-enablehazelcasthttpsession]]
 ==== EnableHazelcastHttpSession
@@ -1199,7 +1200,7 @@ Note that these two have moved to separate repositories, and will continue to be
 === Dropped Support

 As a part of the changes to `HttpSessionStrategy` and it's alignment to the counterpart from the reactive world, the support for managing multiple users' sessions in a single browser instance has been removed.
-This introduction of new API to replace this functionality in consideration for future releases.
+The introduction of a new API to replace this functionality is under consideration for future releases.

 [[community]]
 == Spring Session Community
@@ -1243,7 +1244,7 @@ Spring Session is Open Source software released under the https://www.apache.org
 | https://github.com/maseev/spring-session-orientdb

 | Spring Session Infinispan
-| http://infinispan.org/docs/dev/user_guide/user_guide.html#externalizing_session_using_spring_session
+| https://infinispan.org/docs/dev/user_guide/user_guide.html#externalizing_session_using_spring_session

 |===

--- a/docs/src/main/java/docs/Docs.java
+++ b/docs/src/main/java/docs/Docs.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/FindByIndexNameSessionRepositoryTests.java
+++ b/docs/src/test/java/docs/FindByIndexNameSessionRepositoryTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/HttpSessionConfigurationNoOpConfigureRedisActionXmlTests.java
+++ b/docs/src/test/java/docs/HttpSessionConfigurationNoOpConfigureRedisActionXmlTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/IndexDocTests.java
+++ b/docs/src/test/java/docs/IndexDocTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/RedisHttpSessionConfigurationNoOpConfigureRedisActionTests.java
+++ b/docs/src/test/java/docs/RedisHttpSessionConfigurationNoOpConfigureRedisActionTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/SpringHttpSessionConfig.java
+++ b/docs/src/test/java/docs/SpringHttpSessionConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/SpringWebSessionConfig.java
+++ b/docs/src/test/java/docs/SpringWebSessionConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/http/AbstractHttpSessionListenerTests.java
+++ b/docs/src/test/java/docs/http/AbstractHttpSessionListenerTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/http/HazelcastHttpSessionConfig.java
+++ b/docs/src/test/java/docs/http/HazelcastHttpSessionConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/http/HttpSessionListenerJavaConfigTests.java
+++ b/docs/src/test/java/docs/http/HttpSessionListenerJavaConfigTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/http/HttpSessionListenerXmlTests.java
+++ b/docs/src/test/java/docs/http/HttpSessionListenerXmlTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/http/RedisHttpSessionConfig.java
+++ b/docs/src/test/java/docs/http/RedisHttpSessionConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/security/RememberMeSecurityConfiguration.java
+++ b/docs/src/test/java/docs/security/RememberMeSecurityConfiguration.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -24,7 +24,6 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
-import org.springframework.security.web.authentication.RememberMeServices;
 import org.springframework.session.MapSessionRepository;
 import org.springframework.session.config.annotation.web.http.EnableSpringHttpSession;
 import org.springframework.session.security.web.authentication.SpringSessionRememberMeServices;
@@ -54,7 +53,7 @@ public class RememberMeSecurityConfiguration extends WebSecurityConfigurerAdapte

 	// tag::rememberme-bean[]
 	@Bean
-	RememberMeServices rememberMeServices() {
+	public SpringSessionRememberMeServices rememberMeServices() {
 		SpringSessionRememberMeServices rememberMeServices =
 				new SpringSessionRememberMeServices();
 		// optionally customize
@@ -67,8 +66,8 @@ public class RememberMeSecurityConfiguration extends WebSecurityConfigurerAdapte
 	@Override
 	@Bean
 	public InMemoryUserDetailsManager userDetailsService() {
-		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
-				.username("user").password("password").roles("USER").build());
+		return new InMemoryUserDetailsManager(User.withUsername("user")
+				.password("{noop}password").roles("USER").build());
 	}

 	@Bean
--- a/docs/src/test/java/docs/security/RememberMeSecurityConfigurationTests.java
+++ b/docs/src/test/java/docs/security/RememberMeSecurityConfigurationTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/security/RememberMeSecurityConfigurationXmlTests.java
+++ b/docs/src/test/java/docs/security/RememberMeSecurityConfigurationXmlTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/docs/src/test/java/docs/security/SecurityConfiguration.java
+++ b/docs/src/test/java/docs/security/SecurityConfiguration.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -30,10 +30,11 @@ import org.springframework.session.security.SpringSessionBackedSessionRegistry;
 */
 // tag::class[]
@Configuration
-public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class SecurityConfiguration<S extends Session>
+		extends WebSecurityConfigurerAdapter {

 	@Autowired
-	private FindByIndexNameSessionRepository<Session> sessionRepository;
+	private FindByIndexNameSessionRepository<S> sessionRepository;

 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
@@ -47,7 +48,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	}

 	@Bean
-	SpringSessionBackedSessionRegistry sessionRegistry() {
+	public SpringSessionBackedSessionRegistry<S> sessionRegistry() {
 		return new SpringSessionBackedSessionRegistry<>(this.sessionRepository);
 	}
 }
--- a/docs/src/test/java/docs/websocket/WebSocketConfig.java
+++ b/docs/src/test/java/docs/websocket/WebSocketConfig.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -19,9 +19,9 @@ package docs.websocket;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.messaging.simp.config.MessageBrokerRegistry;
 import org.springframework.scheduling.annotation.EnableScheduling;
-import org.springframework.web.socket.config.annotation.AbstractWebSocketMessageBrokerConfigurer;
 import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
 import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
+import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;

 /**
 * @author Rob Winch
@@ -30,7 +30,7 @@ import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
@Configuration
@EnableScheduling
@EnableWebSocketMessageBroker
-public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
+public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {

 	@Override
 	public void registerStompEndpoints(StompEndpointRegistry registry) {
--- a/docs/src/test/resources/docs/HttpSessionConfigurationNoOpConfigureRedisActionXmlTests-context.xml
+++ b/docs/src/test/resources/docs/HttpSessionConfigurationNoOpConfigureRedisActionXmlTests-context.xml
@@ -4,9 +4,9 @@
 	xmlns:context="http://www.springframework.org/schema/context"
 	xmlns:p="http://www.springframework.org/schema/p"
 	xmlns:util="http://www.springframework.org/schema/util"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd">
+	xsi:schemaLocation="http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd
+		http://www.springframework.org/schema/util https://www.springframework.org/schema/util/spring-util-4.1.xsd">

 	<context:annotation-config/>

--- a/docs/src/test/resources/docs/http/HttpSessionListenerXmlTests-context.xml
+++ b/docs/src/test/resources/docs/http/HttpSessionListenerXmlTests-context.xml
@@ -4,9 +4,9 @@
 	xmlns:context="http://www.springframework.org/schema/context"
 	xmlns:p="http://www.springframework.org/schema/p"
 	xmlns:util="http://www.springframework.org/schema/util"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd">
+	xsi:schemaLocation="http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd
+		http://www.springframework.org/schema/util https://www.springframework.org/schema/util/spring-util-4.1.xsd">

 	<!-- tag::config[] -->
 	<bean class="org.springframework.security.web.session.HttpSessionEventPublisher"/>
--- a/docs/src/test/resources/docs/security/RememberMeSecurityConfigurationXmlTests-context.xml
+++ b/docs/src/test/resources/docs/security/RememberMeSecurityConfigurationXmlTests-context.xml
@@ -3,8 +3,8 @@
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xmlns:security="http://www.springframework.org/schema/security"
 	xmlns:p="http://www.springframework.org/schema/p"
-	xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
-		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+	xsi:schemaLocation="http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security.xsd
+		http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd">

 	<!-- tag::config[] -->
 	<security:http>
--- a/docs/src/test/resources/docs/security/security-config.xml
+++ b/docs/src/test/resources/docs/security/security-config.xml
@@ -2,8 +2,8 @@
 <beans xmlns="http://www.springframework.org/schema/beans"
 	   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	   xmlns:security="http://www.springframework.org/schema/security"
-	   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-						   http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
+	   xsi:schemaLocation="http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd
+						   http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security.xsd">

 	<!-- tag::config[] -->
 	<security:http>
--- a/etc/checkstyle/checkstyle.xml
+++ b/etc/checkstyle/checkstyle.xml
@@ -1,166 +1,12 @@
 <?xml version="1.0"?>
-<!DOCTYPE module PUBLIC "-//Puppy Crawl//DTD Check Configuration 1.3//EN"
-		"http://www.puppycrawl.com/dtds/configuration_1_3.dtd">
+<!DOCTYPE module PUBLIC "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
+		"https://checkstyle.org/dtds/configuration_1_3.dtd">
 <module name="Checker">
-	<!-- Suppressions -->
+	<!-- Supressions -->
 	<module name="SuppressionFilter">
-		<property name="file" value="${configDir}/suppressions.xml"/>
+		<property name="file" value="${config_loc}/suppressions.xml"/>
 	</module>

 	<!-- Root Checks -->
-	<module name="RegexpHeader">
-		<property name="headerFile" value="${configDir}/header.txt"/>
-		<property name="fileExtensions" value="java"/>
-	</module>
-	<module name="NewlineAtEndOfFile">
-		<property name="lineSeparator" value="lf"/>
-		<property name="fileExtensions" value="java,xml"/>
-	</module>
-
-	<!-- TreeWalker Checks -->
-	<module name="TreeWalker">
-		<!-- Annotations -->
-		<module name="AnnotationUseStyle">
-			<property name="elementStyle" value="compact"/>
-		</module>
-		<module name="MissingOverride"/>
-		<module name="PackageAnnotation"/>
-		<module name="AnnotationLocation">
-			<property name="allowSamelineSingleParameterlessAnnotation" value="false" />
-		</module>
-
-		<!-- Block Checks -->
-		<module name="EmptyBlock">
-			<property name="option" value="text"/>
-		</module>
-		<module name="LeftCurly"/>
-		<module name="RightCurly">
-			<property name="option" value="alone"/>
-		</module>
-		<module name="NeedBraces"/>
-		<module name="AvoidNestedBlocks"/>
-
-		<!-- Class Design -->
-		<module name="FinalClass"/>
-		<module name="InterfaceIsType"/>
-		<module name="HideUtilityClassConstructor"/>
-		<module name="MutableException"/>
-		<module name="InnerTypeLast"/>
-		<module name="OneTopLevelClass"/>
-
-		<!-- Coding -->
-		<module name="CovariantEquals"/>
-		<module name="EmptyStatement"/>
-		<module name="EqualsHashCode"/>
-		<module name="InnerAssignment"/>
-		<module name="SimplifyBooleanExpression"/>
-		<module name="SimplifyBooleanReturn"/>
-		<module name="StringLiteralEquality"/>
-		<module name="NestedForDepth">
-			<property name="max" value="3"/>
-		</module>
-		<module name="NestedIfDepth">
-			<property name="max" value="3"/>
-		</module>
-		<module name="NestedTryDepth">
-			<property name="max" value="3"/>
-		</module>
-		<module name="MultipleVariableDeclarations"/>
-		<module name="RequireThis">
-			<property name="checkMethods" value="false"/>
-		</module>
-		<module name="OneStatementPerLine"/>
-
-		<!-- Imports -->
-		<module name="AvoidStarImport"/>
-		<module name="AvoidStaticImport">
-			<property name="excludes"
-					value="org.assertj.core.api.Assertions.*, org.mockito.Mockito.*, org.mockito.BDDMockito.*, org.mockito.AdditionalMatchers.*, org.mockito.ArgumentMatchers.*, org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*, org.springframework.test.web.servlet.result.MockMvcResultHandlers.*, org.springframework.test.web.servlet.result.MockMvcResultMatchers.*, org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*, org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*, org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.*, org.springframework.hateoas.mvc.ControllerLinkBuilder.linkTo"/>
-		</module>
-		<module name="IllegalImport"/>
-		<module name="RedundantImport"/>
-		<module name="UnusedImports">
-			<property name="processJavadoc" value="true"/>
-		</module>
-		<module name="ImportOrder">
-			<property name="groups" value="java,/^javax?\./,*,org.springframework"/>
-			<property name="ordered" value="true"/>
-			<property name="separated" value="true"/>
-			<property name="option" value="bottom"/>
-			<property name="sortStaticImportsAlphabetically" value="true"/>
-		</module>
-
-		<!-- Javadoc Comments -->
-		<module name="JavadocType">
-			<property name="scope" value="package"/>
-			<property name="authorFormat" value=".+\s.+"/>
-		</module>
-		<module name="JavadocMethod">
-			<property name="allowMissingJavadoc" value="true"/>
-		</module>
-		<module name="JavadocVariable">
-			<property name="scope" value="public"/>
-		</module>
-		<module name="JavadocStyle">
-			<property name="checkEmptyJavadoc" value="true"/>
-		</module>
-		<module name="NonEmptyAtclauseDescription"/>
-		<module name="JavadocTagContinuationIndentation">
-			<property name="offset" value="0"/>
-		</module>
-		<module name="AtclauseOrder">
-			<property name="target" value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF"/>
-			<property name="tagOrder" value="@param, @author, @since, @see, @version, @serial, @deprecated"/>
-		</module>
-		<module name="AtclauseOrder">
-			<property name="target" value="METHOD_DEF, CTOR_DEF, VARIABLE_DEF"/>
-			<property name="tagOrder" value="@param, @return, @throws, @since, @deprecated, @see"/>
-		</module>
-
-		<!-- Miscellaneous -->
-		<module name="CommentsIndentation"/>
-		<module name="UpperEll"/>
-		<module name="ArrayTypeStyle"/>
-		<module name="OuterTypeFilename"/>
-
-		<!-- Modifiers -->
-		<module name="RedundantModifier"/>
-
-		<!-- Regexp -->
-		<module name="RegexpSinglelineJava">
-			<property name="format" value="^\t* +\t*\S"/>
-			<property name="message" value="Line has leading space characters; indentation should be performed with tabs only."/>
-			<property name="ignoreComments" value="true"/>
-		</module>
-		<module name="RegexpSinglelineJava">
-			<property name="maximum" value="0"/>
-			<property name="format" value="org\.mockito\.Mockito\.(when|doThrow|doAnswer)"/>
-			<property name="message"
-				value="Please use BDDMockto imports."/>
-			<property name="ignoreComments" value="true"/>
-		</module>
-		<module name="RegexpSinglelineJava">
-			<property name="maximum" value="0"/>
-			<property name="format" value="org\.junit\.Assert\.assert"/>
-			<property name="message" value="Please use AssertJ imports."/>
-			<property name="ignoreComments" value="true"/>
-		</module>
-		<module name="Regexp">
-			<property name="format" value="[ \t]+$"/>
-			<property name="illegalPattern" value="true"/>
-			<property name="message" value="Trailing whitespace"/>
-		</module>
-
-		<!-- Whitespace -->
-		<module name="GenericWhitespace"/>
-		<module name="MethodParamPad"/>
-		<module name="NoWhitespaceAfter">
-			<property name="tokens" value="BNOT, DEC, DOT, INC, LNOT, UNARY_MINUS, UNARY_PLUS, ARRAY_DECLARATOR"/>
-		</module>
-		<module name="NoWhitespaceBefore"/>
-		<module name="ParenPad"/>
-		<module name="TypecastParenPad"/>
-		<module name="WhitespaceAfter"/>
-		<module name="WhitespaceAround"/>
-	</module>
+	<module name="io.spring.javaformat.checkstyle.SpringChecks"/>
 </module>
--- a/etc/checkstyle/header.txt
+++ b/etc/checkstyle/header.txt
@@ -1,16 +0,0 @@
-^\Q/*\E$
-^\Q * Copyright 2014-\E20\d\d\Q the original author or authors.\E$
-^\Q *\E$
-^\Q * Licensed under the Apache License, Version 2.0 (the "License");\E$
-^\Q * you may not use this file except in compliance with the License.\E$
-^\Q * You may obtain a copy of the License at\E$
-^\Q *\E$
-^\Q *      http://www.apache.org/licenses/LICENSE-2.0\E$
-^\Q *\E$
-^\Q * Unless required by applicable law or agreed to in writing, software\E$
-^\Q * distributed under the License is distributed on an "AS IS" BASIS,\E$
-^\Q * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\E$
-^\Q * See the License for the specific language governing permissions and\E$
-^\Q * limitations under the License.\E$
-^\Q */\E$
-^.*$
--- a/etc/checkstyle/suppressions.xml
+++ b/etc/checkstyle/suppressions.xml
@@ -1,18 +1,17 @@
 <?xml version="1.0"?>
-<!DOCTYPE suppressions PUBLIC "-//Puppy Crawl//DTD Suppressions 1.1//EN"
-		"http://www.puppycrawl.com/dtds/suppressions_1_1.dtd">
+<!DOCTYPE suppressions PUBLIC "-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"
+		"https://checkstyle.org/dtds/suppressions_1_2.dtd">
 <suppressions>
-	<suppress files=".+Application\.java" checks="HideUtilityClassConstructor"/>
-	<suppress files=".+Configuration\.java" checks="HideUtilityClassConstructor"/>
+	<!-- global -->
+	<suppress files="[\\/]src[\\/]integration-test[\\/]java[\\/]" checks="Javadoc*"/>

-	<suppress files="[\\/]src[\\/]test[\\/]java[\\/]" checks="Javadoc"/>
-	<suppress files="[\\/]src[\\/]integration-test[\\/]java[\\/]" checks="Javadoc"/>
-
-	<suppress files="[\\/]docs[\\/]" checks="Javadoc"/>
-	<suppress files="[\\/]docs[\\/]" checks="CommentsIndentation"/>
+	<!-- docs -->
+	<suppress files="[\\/]docs[\\/]" checks="Javadoc*"/>
 	<suppress files="[\\/]docs[\\/]" checks="InnerTypeLast"/>

-	<suppress files="[\\/]samples[\\/]" checks="Javadoc"/>
-	<suppress files="[\\/]samples[\\/]" checks="CommentsIndentation"/>
-	<suppress files="[\\/]samples[\\/]" checks="InnerTypeLast"/>
+	<!-- samples -->
+	<suppress files="[\\/]samples[\\/]" checks="Javadoc*"/>
+	<suppress files="[\\/]samples[\\/].+Application\.java" checks="HideUtilityClassConstructor"/>
+
+	<suppress files="SessionRepositoryFilterTests\.java" checks="SpringLambda"/>
 </suppressions>
--- a/etc/eclipse/.checkstyle
+++ b/etc/eclipse/.checkstyle
--- a/etc/eclipse/eclipse-code-formatter.xml
+++ b/etc/eclipse/eclipse-code-formatter.xml
--- a/etc/eclipse/org.eclipse.jdt.core.prefs
+++ b/etc/eclipse/org.eclipse.jdt.core.prefs
--- a/etc/eclipse/org.eclipse.jdt.ui.prefs
+++ b/etc/eclipse/org.eclipse.jdt.ui.prefs
--- a/gradle.properties
+++ b/gradle.properties
@@ -1,2 +1,2 @@
-springBootVersion=2.0.0.M7
-version=2.0.0.RELEASE
+springBootVersion=2.0.8.RELEASE
+version=2.0.11.BUILD-SNAPSHOT
--- a/gradle/dependency-management.gradle
+++ b/gradle/dependency-management.gradle
@@ -1,42 +1,32 @@
 dependencyManagement {
 	imports {
-		mavenBom 'com.fasterxml.jackson:jackson-bom:2.9.3'
-		mavenBom 'io.projectreactor:reactor-bom:Bismuth-SR4'
-		mavenBom 'org.springframework:spring-framework-bom:5.0.2.RELEASE'
-		mavenBom 'org.springframework.data:spring-data-releasetrain:Kay-SR2'
-		mavenBom 'org.springframework.security:spring-security-bom:5.0.0.RELEASE'
+		mavenBom 'com.fasterxml.jackson:jackson-bom:2.9.6'
+		mavenBom 'io.projectreactor:reactor-bom:Bismuth-SR1'
+		mavenBom 'org.springframework:spring-framework-bom:5.0.13.RELEASE'
+		mavenBom 'org.springframework.data:spring-data-releasetrain:Kay-SR14'
+		mavenBom 'org.springframework.security:spring-security-bom:5.0.12.RELEASE'
+		mavenBom 'org.testcontainers:testcontainers-bom:1.10.5'
 	}

 	dependencies {
-		dependencySet(group: 'com.hazelcast', version: '3.9.1') {
+		dependencySet(group: 'com.hazelcast', version: '3.9.4') {
 			entry 'hazelcast'
 			entry 'hazelcast-client'
 		}

-		dependencySet(group: 'org.testcontainers', version: '1.5.1') {
-			entry 'mysql'
-			entry 'postgresql'
-			entry 'testcontainers'
-		}
-
-		dependencySet(group: 'org.testcontainers', version: '1.4.3') {
-			entry 'mariadb'
-			entry 'mssqlserver'
-		}
-
-		dependency 'com.h2database:h2:1.4.196'
-		dependency 'com.microsoft.sqlserver:mssql-jdbc:6.2.2.jre8'
+		dependency 'com.h2database:h2:1.4.197'
+		dependency 'com.microsoft.sqlserver:mssql-jdbc:7.0.0.jre8'
 		dependency 'edu.umd.cs.mtc:multithreadedtc:1.01'
-		dependency 'io.lettuce:lettuce-core:5.0.1.RELEASE'
+		dependency 'io.lettuce:lettuce-core:5.1.3.RELEASE'
+		dependency 'javax.annotation:javax.annotation-api:1.3.2'
 		dependency 'javax.servlet:javax.servlet-api:3.1.0'
 		dependency 'junit:junit:4.12'
-		dependency 'mysql:mysql-connector-java:5.1.45'
-		dependency 'org.apache.derby:derby:10.14.1.0'
-		dependency 'org.assertj:assertj-core:3.9.0'
-		dependency 'org.hsqldb:hsqldb:2.4.0'
-		dependency 'org.mariadb.jdbc:mariadb-java-client:2.2.1'
-		dependency 'org.mockito:mockito-core:2.13.0'
-		dependency 'org.postgresql:postgresql:42.1.4'
-		dependency 'org.seleniumhq.selenium:htmlunit-driver:2.29.0'
+		dependency 'mysql:mysql-connector-java:8.0.13'
+		dependency 'org.apache.derby:derby:10.14.2.0'
+		dependency 'org.assertj:assertj-core:3.11.1'
+		dependency 'org.hsqldb:hsqldb:2.4.1'
+		dependency 'org.mariadb.jdbc:mariadb-java-client:2.3.0'
+		dependency 'org.mockito:mockito-core:2.23.4'
+		dependency 'org.postgresql:postgresql:42.2.5'
 	}
 }
--- a/gradle/wrapper/gradle-wrapper.jar
+++ b/gradle/wrapper/gradle-wrapper.jar
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.10.3-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.4.1-bin.zip
--- a/samples/boot/findbyusername/README.adoc
+++ b/samples/boot/findbyusername/README.adoc
@@ -1,4 +0,0 @@
-Demonstrates using Spring Session to lookup a user's session by the username.
-The sample provides a hook to add the current username to the session (required for finding the user) by providing a custom implementation of Spring Security's `AuthenticationSuccessHandler`.
-
-NOTE: This product includes GeoLite2 data created by MaxMind, available from http://www.maxmind.com
--- a/samples/boot/findbyusername/spring-session-sample-boot-findbyusername.gradle
+++ b/samples/boot/findbyusername/spring-session-sample-boot-findbyusername.gradle
@@ -10,7 +10,7 @@ dependencies {
 	compile "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect"
 	compile "org.webjars:bootstrap"
 	compile "org.webjars:html5shiv"
-	compile "org.webjars:webjars-locator"
+	compile "org.webjars:webjars-locator-core"
 	compile "com.maxmind.geoip2:geoip2"
 	compile "org.apache.httpcomponents:httpclient"

--- a/samples/boot/findbyusername/src/integration-test/java/sample/FindByUsernameTests.java
+++ b/samples/boot/findbyusername/src/integration-test/java/sample/FindByUsernameTests.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -18,7 +18,6 @@ package sample;

 import org.junit.After;
 import org.junit.Before;
-import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.openqa.selenium.WebDriver;
@@ -30,10 +29,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.boot.test.util.TestPropertyValues;
-import org.springframework.context.ApplicationContextInitializer;
-import org.springframework.context.ConfigurableApplicationContext;
-import org.springframework.test.context.ContextConfiguration;
+import org.springframework.boot.test.context.TestConfiguration;
+import org.springframework.context.annotation.Bean;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDriverBuilder;
@@ -45,15 +43,10 @@ import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDr
 */
@RunWith(SpringRunner.class)
@AutoConfigureMockMvc
-@SpringBootTest(classes = FindByUsernameApplication.class, webEnvironment = WebEnvironment.MOCK)
-@ContextConfiguration(initializers = FindByUsernameTests.Initializer.class)
+@SpringBootTest(webEnvironment = WebEnvironment.MOCK)
 public class FindByUsernameTests {

-	private static final String DOCKER_IMAGE = "redis:4.0.6";
-
-	@ClassRule
-	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
-			.withExposedPorts(6379);
+	private static final String DOCKER_IMAGE = "redis:4.0.12";

 	@Autowired
 	private MockMvc mockMvc;
@@ -86,16 +79,21 @@ public class FindByUsernameTests {
 		home.terminateButtonDisabled();
 	}

-	static class Initializer
-			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+	@TestConfiguration
+	static class Config {

-		@Override
-		public void initialize(
-				ConfigurableApplicationContext configurableApplicationContext) {
-			TestPropertyValues
-					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
-							"spring.redis.port=" + redisContainer.getFirstMappedPort())
-					.applyTo(configurableApplicationContext.getEnvironment());
+		@Bean
+		public GenericContainer redisContainer() {
+			GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+					.withExposedPorts(6379);
+			redisContainer.start();
+			return redisContainer;
+		}
+
+		@Bean
+		public LettuceConnectionFactory redisConnectionFactory() {
+			return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+					redisContainer().getFirstMappedPort());
 		}

 	}
--- a/samples/boot/findbyusername/src/integration-test/java/sample/pages/BasePage.java
+++ b/samples/boot/findbyusername/src/integration-test/java/sample/pages/BasePage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/integration-test/java/sample/pages/HomePage.java
+++ b/samples/boot/findbyusername/src/integration-test/java/sample/pages/HomePage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/integration-test/java/sample/pages/LoginPage.java
+++ b/samples/boot/findbyusername/src/integration-test/java/sample/pages/LoginPage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/main/java/sample/FindByUsernameApplication.java
+++ b/samples/boot/findbyusername/src/main/java/sample/FindByUsernameApplication.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/main/java/sample/config/GeoConfig.java
+++ b/samples/boot/findbyusername/src/main/java/sample/config/GeoConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/main/java/sample/config/SecurityConfig.java
+++ b/samples/boot/findbyusername/src/main/java/sample/config/SecurityConfig.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -16,14 +16,10 @@

 package sample.config;

-import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
-import org.springframework.context.annotation.Bean;
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;

 /**
 * Spring Security configuration.
@@ -34,20 +30,13 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
@Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

-	@Bean
-	@Override
-	public UserDetailsService userDetailsService() {
-		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
-				.username("user").password("password").roles("USER").build());
-	}
-
 	// @formatter:off
 	// tag::config[]
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
 			.authorizeRequests()
-				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
 				.anyRequest().authenticated()
 				.and()
 			.formLogin()
--- a/samples/boot/findbyusername/src/main/java/sample/config/WebMvcConfig.java
+++ b/samples/boot/findbyusername/src/main/java/sample/config/WebMvcConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/main/java/sample/mvc/IndexController.java
+++ b/samples/boot/findbyusername/src/main/java/sample/mvc/IndexController.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/main/java/sample/session/SessionDetails.java
+++ b/samples/boot/findbyusername/src/main/java/sample/session/SessionDetails.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/findbyusername/src/main/java/sample/session/SessionDetailsFilter.java
+++ b/samples/boot/findbyusername/src/main/java/sample/session/SessionDetailsFilter.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -92,7 +92,7 @@ public class SessionDetailsFilter extends OncePerRequestFilter {
 			}
 			return cityName + ", " + countryName;
 		}
-		catch (Exception e) {
+		catch (Exception ex) {
 			return UNKNOWN;

 		}
--- a/samples/boot/findbyusername/src/main/resources/application.properties
+++ b/samples/boot/findbyusername/src/main/resources/application.properties
@@ -0,0 +1 @@
+spring.security.user.password=password
--- a/samples/boot/findbyusername/src/main/resources/templates/index.html
+++ b/samples/boot/findbyusername/src/main/resources/templates/index.html
@@ -1,4 +1,4 @@
-<html xmlns:th="http://www.thymeleaf.org" xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" layout:decorate="~{layout}">
+<html xmlns:th="https://www.thymeleaf.org" xmlns:layout="https://github.com/ultraq/thymeleaf-layout-dialect" layout:decorate="~{layout}">
 <head>
 	<title>Secured Content</title>
 </head>
--- a/samples/boot/findbyusername/src/main/resources/templates/layout.html
+++ b/samples/boot/findbyusername/src/main/resources/templates/layout.html
@@ -1,7 +1,7 @@
-<!DOCTYPE html SYSTEM "http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd">
+<!DOCTYPE html SYSTEM "https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml"
-			xmlns:th="http://www.thymeleaf.org"
-			xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
+			xmlns:th="https://www.thymeleaf.org"
+			xmlns:layout="https://github.com/ultraq/thymeleaf-layout-dialect">
 	<head>
 		<title layout:title-pattern="$LAYOUT_TITLE - $CONTENT_TITLE">Spring Session Sample</title>
 		<link rel="icon" type="image/x-icon" th:href="@{/favicon.ico}" href="../static/favicon.ico"/>
@@ -115,7 +115,7 @@

 		<div id="footer">
 			<div class="container">
-				<p class="muted credit">This product includes GeoLite2 data created by MaxMind, available from <a href="http://www.maxmind.com">http://www.maxmind.com</a>.</p>
+				<p class="muted credit">This product includes GeoLite2 data created by MaxMind, available from <a href="https://www.maxmind.com">https://www.maxmind.com</a>.</p>
 			</div>
 		</div>
 	</body>
--- a/samples/boot/findbyusername/src/main/resources/templates/login.html
+++ b/samples/boot/findbyusername/src/main/resources/templates/login.html
@@ -1,5 +1,5 @@
-<html xmlns:th="http://www.thymeleaf.org"
-	xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
+<html xmlns:th="https://www.thymeleaf.org"
+	xmlns:layout="https://github.com/ultraq/thymeleaf-layout-dialect"
 	layout:decorate="~{layout}">
 <head>
 <title>Log In</title>
--- a/samples/boot/findbyusername/src/test/java/sample/session/SessionDetailsFilterTests.java
+++ b/samples/boot/findbyusername/src/test/java/sample/session/SessionDetailsFilterTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/jdbc/README.adoc
+++ b/samples/boot/jdbc/README.adoc
@@ -1 +0,0 @@
-Demonstrates using Spring Session with Spring Boot and Spring Security. You can log in with the username "user" and the password "password".
--- a/samples/boot/jdbc/spring-session-sample-boot-jdbc.gradle
+++ b/samples/boot/jdbc/spring-session-sample-boot-jdbc.gradle
@@ -9,7 +9,7 @@ dependencies {
 	compile "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect"
 	compile "org.webjars:bootstrap"
 	compile "org.webjars:html5shiv"
-	compile "org.webjars:webjars-locator"
+	compile "org.webjars:webjars-locator-core"
 	compile "com.h2database:h2"

 	testCompile "org.springframework.boot:spring-boot-starter-test"
--- a/samples/boot/jdbc/src/integration-test/java/sample/BootTests.java
+++ b/samples/boot/jdbc/src/integration-test/java/sample/BootTests.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/jdbc/src/integration-test/java/sample/pages/BasePage.java
+++ b/samples/boot/jdbc/src/integration-test/java/sample/pages/BasePage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/jdbc/src/integration-test/java/sample/pages/HomePage.java
+++ b/samples/boot/jdbc/src/integration-test/java/sample/pages/HomePage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/jdbc/src/integration-test/java/sample/pages/LoginPage.java
+++ b/samples/boot/jdbc/src/integration-test/java/sample/pages/LoginPage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/jdbc/src/main/java/sample/Application.java
+++ b/samples/boot/jdbc/src/main/java/sample/Application.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/jdbc/src/main/java/sample/config/SecurityConfig.java
+++ b/samples/boot/jdbc/src/main/java/sample/config/SecurityConfig.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -16,15 +16,11 @@

 package sample.config;

-import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
-import org.springframework.context.annotation.Bean;
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;

 /**
 * Spring Security configuration.
@@ -35,18 +31,11 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
@Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

-	@Bean
-	@Override
-	public UserDetailsService userDetailsService() {
-		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
-				.username("user").password("password").roles("USER").build());
-	}
-
 	// @formatter:off
 	@Override
-	public void configure(WebSecurity web) throws Exception {
+	public void configure(WebSecurity web) {
 		web
-			.ignoring().antMatchers("/h2-console/**");
+			.ignoring().requestMatchers(PathRequest.toH2Console());
 	}
 	// @formatter:on

@@ -56,7 +45,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	protected void configure(HttpSecurity http) throws Exception {
 		http
 			.authorizeRequests()
-				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
 				.anyRequest().authenticated()
 				.and()
 			.formLogin()
--- a/samples/boot/jdbc/src/main/java/sample/config/WebMvcConfig.java
+++ b/samples/boot/jdbc/src/main/java/sample/config/WebMvcConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/jdbc/src/main/resources/application.properties
+++ b/samples/boot/jdbc/src/main/resources/application.properties
@@ -1 +1,2 @@
+spring.security.user.password=password
 spring.h2.console.enabled=true
--- a/samples/boot/jdbc/src/main/resources/templates/index.html
+++ b/samples/boot/jdbc/src/main/resources/templates/index.html
@@ -1,4 +1,4 @@
-<html xmlns:th="http://www.thymeleaf.org" xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" layout:decorate="~{layout}">
+<html xmlns:th="https://www.thymeleaf.org" xmlns:layout="https://github.com/ultraq/thymeleaf-layout-dialect" layout:decorate="~{layout}">
 <head>
 	<title>Secured Content</title>
 </head>
--- a/samples/boot/jdbc/src/main/resources/templates/layout.html
+++ b/samples/boot/jdbc/src/main/resources/templates/layout.html
@@ -1,7 +1,7 @@
-<!DOCTYPE html SYSTEM "http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd">
+<!DOCTYPE html SYSTEM "https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml"
-			xmlns:th="http://www.thymeleaf.org"
-			xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
+			xmlns:th="https://www.thymeleaf.org"
+			xmlns:layout="https://github.com/ultraq/thymeleaf-layout-dialect">
 	<head>
 		<title layout:title-pattern="$LAYOUT_TITLE - $CONTENT_TITLE">Spring Session Sample</title>
 		<link rel="icon" type="image/x-icon" th:href="@{/favicon.ico}" href="../static/favicon.ico"/>
--- a/samples/boot/redis-json/spring-session-sample-boot-redis-json.gradle
+++ b/samples/boot/redis-json/spring-session-sample-boot-redis-json.gradle
@@ -10,7 +10,7 @@ dependencies {
 	compile "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect"
 	compile "org.webjars:bootstrap"
 	compile "org.webjars:html5shiv"
-	compile "org.webjars:webjars-locator"
+	compile "org.webjars:webjars-locator-core"
 	compile "org.apache.httpcomponents:httpclient"

 	testCompile "org.springframework.boot:spring-boot-starter-test"
--- a/samples/boot/redis-json/src/integration-test/java/sample/HttpRedisJsonTest.java
+++ b/samples/boot/redis-json/src/integration-test/java/sample/HttpRedisJsonTest.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -20,7 +20,6 @@ import java.util.List;

 import org.junit.After;
 import org.junit.Before;
-import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.openqa.selenium.WebDriver;
@@ -33,10 +32,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.boot.test.util.TestPropertyValues;
-import org.springframework.context.ApplicationContextInitializer;
-import org.springframework.context.ConfigurableApplicationContext;
-import org.springframework.test.context.ContextConfiguration;
+import org.springframework.boot.test.context.TestConfiguration;
+import org.springframework.context.annotation.Bean;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDriverBuilder;
@@ -48,16 +46,11 @@ import static org.assertj.core.api.Assertions.assertThat;
 * @author Vedran Pavic
 */
@RunWith(SpringRunner.class)
-@SpringBootTest(classes = Application.class, webEnvironment = WebEnvironment.MOCK)
+@SpringBootTest(webEnvironment = WebEnvironment.MOCK)
@AutoConfigureMockMvc
-@ContextConfiguration(initializers = HttpRedisJsonTest.Initializer.class)
 public class HttpRedisJsonTest {

-	private static final String DOCKER_IMAGE = "redis:4.0.6";
-
-	@ClassRule
-	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
-			.withExposedPorts(6379);
+	private static final String DOCKER_IMAGE = "redis:4.0.12";

 	@Autowired
 	private MockMvc mockMvc;
@@ -110,16 +103,21 @@ public class HttpRedisJsonTest {
 		assertThat(attributes).extracting("attributeValue").contains("Demo Value");
 	}

-	static class Initializer
-			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+	@TestConfiguration
+	static class Config {

-		@Override
-		public void initialize(
-				ConfigurableApplicationContext configurableApplicationContext) {
-			TestPropertyValues
-					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
-							"spring.redis.port=" + redisContainer.getFirstMappedPort())
-					.applyTo(configurableApplicationContext.getEnvironment());
+		@Bean
+		public GenericContainer redisContainer() {
+			GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+					.withExposedPorts(6379);
+			redisContainer.start();
+			return redisContainer;
+		}
+
+		@Bean
+		public LettuceConnectionFactory redisConnectionFactory() {
+			return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+					redisContainer().getFirstMappedPort());
 		}

 	}
--- a/samples/boot/redis-json/src/integration-test/java/sample/RedisSerializerTest.java
+++ b/samples/boot/redis-json/src/integration-test/java/sample/RedisSerializerTest.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -16,19 +16,17 @@

 package sample;

-import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.testcontainers.containers.GenericContainer;

 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.util.TestPropertyValues;
-import org.springframework.context.ApplicationContextInitializer;
-import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.boot.test.context.TestConfiguration;
+import org.springframework.context.annotation.Bean;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
 import org.springframework.session.data.redis.config.annotation.SpringSessionRedisOperations;
-import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;

 import static org.assertj.core.api.Assertions.assertThat;
@@ -38,15 +36,10 @@ import static org.assertj.core.api.Assertions.assertThat;
 * @author Vedran Pavic
 */
@RunWith(SpringRunner.class)
-@SpringBootTest(classes = Application.class)
-@ContextConfiguration(initializers = RedisSerializerTest.Initializer.class)
+@SpringBootTest
 public class RedisSerializerTest {

-	private static final String DOCKER_IMAGE = "redis:4.0.6";
-
-	@ClassRule
-	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
-			.withExposedPorts(6379);
+	private static final String DOCKER_IMAGE = "redis:4.0.12";

 	@SpringSessionRedisOperations
 	private RedisTemplate<Object, Object> sessionRedisTemplate;
@@ -59,16 +52,21 @@ public class RedisSerializerTest {
 				.isInstanceOf(GenericJackson2JsonRedisSerializer.class);
 	}

-	static class Initializer
-			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+	@TestConfiguration
+	static class Config {

-		@Override
-		public void initialize(
-				ConfigurableApplicationContext configurableApplicationContext) {
-			TestPropertyValues
-					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
-							"spring.redis.port=" + redisContainer.getFirstMappedPort())
-					.applyTo(configurableApplicationContext.getEnvironment());
+		@Bean
+		public GenericContainer redisContainer() {
+			GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+					.withExposedPorts(6379);
+			redisContainer.start();
+			return redisContainer;
+		}
+
+		@Bean
+		public LettuceConnectionFactory redisConnectionFactory() {
+			return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+					redisContainer().getFirstMappedPort());
 		}

 	}
--- a/samples/boot/redis-json/src/integration-test/java/sample/pages/BasePage.java
+++ b/samples/boot/redis-json/src/integration-test/java/sample/pages/BasePage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/redis-json/src/integration-test/java/sample/pages/HomePage.java
+++ b/samples/boot/redis-json/src/integration-test/java/sample/pages/HomePage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/redis-json/src/integration-test/java/sample/pages/LoginPage.java
+++ b/samples/boot/redis-json/src/integration-test/java/sample/pages/LoginPage.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/redis-json/src/main/java/sample/Application.java
+++ b/samples/boot/redis-json/src/main/java/sample/Application.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/redis-json/src/main/java/sample/config/SecurityConfig.java
+++ b/samples/boot/redis-json/src/main/java/sample/config/SecurityConfig.java
@@ -1,11 +1,11 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
@@ -16,14 +16,10 @@

 package sample.config;

-import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
-import org.springframework.context.annotation.Bean;
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;

 /**
 * Spring Security configuration.
@@ -34,19 +30,12 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
@Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

-	@Bean
-	@Override
-	public UserDetailsService userDetailsService() {
-		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
-				.username("user").password("password").roles("USER").build());
-	}
-
 	// @formatter:off
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
 			.authorizeRequests()
-				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
 				.anyRequest().authenticated()
 				.and()
 			.formLogin()
--- a/samples/boot/redis-json/src/main/java/sample/config/SessionConfig.java
+++ b/samples/boot/redis-json/src/main/java/sample/config/SessionConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/redis-json/src/main/java/sample/config/WebMvcConfig.java
+++ b/samples/boot/redis-json/src/main/java/sample/config/WebMvcConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/redis-json/src/main/java/sample/web/HomeController.java
+++ b/samples/boot/redis-json/src/main/java/sample/web/HomeController.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
--- a/samples/boot/redis-json/src/main/resources/application.properties
+++ b/samples/boot/redis-json/src/main/resources/application.properties
@@ -0,0 +1 @@
+spring.security.user.password=password
--- a/samples/boot/redis-json/src/main/resources/templates/home.html
+++ b/samples/boot/redis-json/src/main/resources/templates/home.html
@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html xmlns:th="http://www.thymeleaf.org" xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" layout:decorate="~{layout}">
+<html xmlns:th="https://www.thymeleaf.org" xmlns:layout="https://github.com/ultraq/thymeleaf-layout-dialect" layout:decorate="~{layout}">
 <head>
 	<title>Home</title>
 </head>
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`Demonstrates using Spring Session with Spring Boot and Spring Security. You can log in with the username "user" and the password "password".`