spring-projects#319 - Upgrade to Spring Boot 2.0 M6.

Tweaked setup of in-memory user accounts in Spring Security example to accommodate the changes in Password encoding.

Tweaked Elasticsearch examples to use Log4j 2 instead of Logback as embedded Elasticsearch requires it to run properly.

elasticsearch/example/pom.xml

@@ -16,4 +16,24 @@
 		<version>2.0.0.BUILD-SNAPSHOT</version>
 	</parent>
 
+	<dependencies>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-elasticsearch</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>org.springframework.boot</groupId>
+					<artifactId>spring-boot-starter-logging</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-log4j2</artifactId>
+		</dependency>
+
+	</dependencies>
+
 </project>

pom.xml

@@ -12,7 +12,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.0.0.M5</version>
+		<version>2.0.0.M6</version>
 	</parent>
 
 	<modules>

rest/security/src/main/java/example/springdata/rest/security/Application.java

@@ -20,14 +20,18 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.User.UserBuilder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
  * This example shows various ways to secure Spring Data REST applications using Spring Security
@@ -80,15 +84,16 @@ static class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 
 		/**
 		 * This section defines the user accounts which can be used for authentication as well as the roles each user has.
-		 * 
-		 * @see org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter#configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder)
 		 */
-		@Override
-		protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+		@Bean
+		InMemoryUserDetailsManager userDetailsManager() {
+
+			UserBuilder builder = User.withDefaultPasswordEncoder();
+
+			UserDetails greg = builder.username("greg").password("turnquist").roles("USER").build();
+			UserDetails ollie = builder.username("ollie").password("gierke").roles("USER", "ADMIN").build();
 
-			auth.inMemoryAuthentication().//
-					withUser("greg").password("turnquist").roles("USER").and().//
-					withUser("ollie").password("gierke").roles("USER", "ADMIN");
+			return new InMemoryUserDetailsManager(greg, ollie);
 		}
 
 		/**

rest/security/src/test/java/example/springdata/rest/security/UrlLevelSecurityTests.java

@@ -21,6 +21,8 @@
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 import static org.springframework.test.web.servlet.setup.MockMvcBuilders.*;
 
+import java.util.Base64;
+
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -30,7 +32,6 @@
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.crypto.codec.Base64;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
@@ -86,7 +87,8 @@ public void allowsGetRequestsButRejectsPostForUser() throws Exception {
 
 		HttpHeaders headers = new HttpHeaders();
 		headers.add(HttpHeaders.ACCEPT, MediaTypes.HAL_JSON_VALUE);
-		headers.add(HttpHeaders.AUTHORIZATION, "Basic " + new String(Base64.encode(("greg:turnquist").getBytes())));
+		headers.add(HttpHeaders.AUTHORIZATION,
+				"Basic " + new String(Base64.getEncoder().encodeToString(("greg:turnquist").getBytes())));
 
 		mvc.perform(get("/employees").//
 				headers(headers)).//
@@ -103,7 +105,8 @@ public void allowsPostRequestForAdmin() throws Exception {
 
 		HttpHeaders headers = new HttpHeaders();
 		headers.set(HttpHeaders.ACCEPT, MediaTypes.HAL_JSON_VALUE);
-		headers.set(HttpHeaders.AUTHORIZATION, "Basic " + new String(Base64.encode(("ollie:gierke").getBytes())));
+		headers.set(HttpHeaders.AUTHORIZATION,
+				"Basic " + new String(Base64.getEncoder().encodeToString(("ollie:gierke").getBytes())));
 
 		mvc.perform(get("/employees").//
 				headers(headers)).//
@@ -112,11 +115,9 @@ public void allowsPostRequestForAdmin() throws Exception {
 
 		headers.set(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
 
-		String location = mvc
-				.perform(post("/employees").//
-						content(PAYLOAD).//
-						headers(headers))
-				.//
+		String location = mvc.perform(post("/employees").//
+				content(PAYLOAD).//
+				headers(headers)).//
 				andExpect(status().isCreated()).//
 				andReturn().getResponse().getHeader(HttpHeaders.LOCATION);