* Introduced PlayConfig helper which is more suited to idiomatic use of Typesafe config * Migrated a number of config options from old paths to new paths * Removed "modules" from configuration keys * Moved more settings to reference.conf * Introduced idiom of using "null" rather than blank or no setting for default values.
…stead of having an all or nothing approach where to change a log level for one class means you must change it for all classes
Improves application performance by 3-5% in some benchmarks.
The old Crypto APIs did not support AES transformations, which require the use of the IV in the decryptAES(..) Hence if you used a transformation that looked like AES/CBC/PKCS5Padding decryptAES(...) would fail. Add notes about migrating to older versions of Play for Crypto APIs Fix tests for old AES encryption/decryption, and update migration docs. Switch to AES/CTR/NoPadding, and use a different version to represent encoded strings with IV
* Pulled onRequest, routeRequest, filter etc methods out of GlobalSettings, and put them into a HttpRequestHandler abstraction. * Introduced HttpConfiguration abstraction to abstract out http configuration * Rewrote Scala documentation on intercepting requests * Didn't rewrite Java documentation on intercepting requests - felt a bit like yak shaving
Since this isn't a major component (the Play documentation doesn't mention it) I didn't worry about breaking the Java API (the methods are no longer static). Also introduced a SimpleInjector implementation, that is map based, and put Crypto in that for the default compile time dependency injection components - since this is now the method that Crypto is looked up by, for example when validating the session.
Fixes #1775. * Play now generates an application secret that is stable to the place where the application is running from in dev and test mode. * Play will fail to load if application secret is not set or changeme in production. * Created new SBT tasks for generating and updating the application secret. * Wrote new docs on the application secret, how configure it, and best practices. * Updated production documentation to refer to activator.