Prior to this commit, applications could declare Actuator Endpoints
using web framework-specific annotations, such as `@ServletEndpoint`,
@ControllerEndpoint and @RestControllerEndpoint.
Such annotations are closely tied to the programming model of specific
web technologies, such as Servlet or Spring MVC. Unlike other
`@Endpoint` support, they are not portable and will not work
transparently over blocking/reactive and transports.
Because of the strong adherence of this support with the underlying
infrastructure, it makes it impossible to evolve the implementation of
Actuator support without breaking this use case. The reference
documentation has been advocating for using `@Endpoint` and
`@*Operation` for custom endpoints for a long time now.
This commit deprecates this specific support in favor of the recommended
approach.
Closes gh-31768
Properties under `server.ssl.server-name-bundles` and
`management.server.ssl.server-name-bundles` can be used to configure
mappings of host names to SSL bundles to support SNI in embedded web
servers.
Closes gh-26022
Add a `NestedFileSystemProvider` implementation so that the JDK's
`ZipFileSystem` can load content from nested jars and nested
directory entries.
Creating a `ZipFileSystem` may be a relatively expensive operation as
zip structures need to be parsed and in the case of directory entries
a virtual datablock nees to be generated on the fly. As such, we
install the `ZipFileSystem` as late as possible since in a typical
application it may never be needed.
This commit also tweaks Gradle and Maven plugins to ensure that the
service loader file is written to repackaged jars.
Closes gh-7161
Update Gradle and Maven plugins to write an empty `META-INF/BOOT.SF`
file whenever there is a nested signed jar.
This update allows Oracle Java 17 to correctly verify the nested JARs.
The file is required because `JarVerifier` has code roughly equivalent
to:
if (!jarManifestNameChecked && SharedSecrets
.getJavaUtilZipFileAccess().getManifestName(jf, true) == null) {
throw new JarException("The JCE Provider " + jarURL.toString() +
" is not signed.");
}
The `SharedSecrets.getJavaUtilZipFileAccess().getManifestName(jf, true)`
call ends up in `ZipFile.getManifestName(onlyIfSignatureRelatedFiles)`
which is a private method that we cannot override in our `NestedJarFile`
subclass. By writing an empty `.SF` file we ensure that the `Manifest`
is always returned because there are always "signature related files".
Fixes gh-28837
Moritz Halbritter
Andy Wilkinson
Scott Frederick
Brian Clozel
Phillip Webb
Christoph Dreis
gdmrw
Eddú Meléndez
Tobias Lippert
Yanming Zhou
Andy Wilkinson
Scott Frederick
Claudio Nave
Phillip Webb