When looking at the documentation for Common Application properties, at the Security section, I also found the properties prefixed by spring.session.
In my opinion, the properties related to Spring Session would deserve their own section, as they are not really related to security.
What do you think ?
I found the merge of these properties is done there : https://github.com/spring-projects/spring-boot/blob/master/buildSrc/src/main/java/org/springframework/boot/build/context/properties/DocumentConfigurationProperties.java#L80
Comment From: vpavic
This is a good point.
While it might seem a bit odd a first, these are actually even a fit for the Server properties section, as Spring Session effectively replaces container's default session management facilities. The auto-configuration even consumes the value of server.servlet.session.timeout property when configuring Spring Session.
Comment From: ghusta
Good suggestion, it could also fit server properties, indeed.
Comment From: wilkinsona
Thanks, @ghusta. We're going to move the LDAP properties to the Data section and the Session properties to the Web section.