<!-- spring-security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<?xml version="1.0" encoding="UTF-8"?>
<!-- Spring Security filter-chain and authentication wiring.
     NOTE(review): no default xmlns for the beans schema appears on the root element here; presumably lost when the snippet was pasted - confirm against the real file. -->
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-5.2.xsd">
<!-- BCrypt (salted, adaptive) hashing for stored passwords; referenced by the authentication provider below. -->
<bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
<!-- Looks up the member record for a login id (see CustomUserDetailsService). -->
<bean id="customUserDetailsService" class="kr.co.forspace.security.CustomUserDetailsService"></bean>
<!-- Invoked when an authenticated user requests a URL their role does not allow. -->
<bean id="customAccessDenied" class="kr.co.forspace.security.CustomAccessDeniedHandler"></bean>
<!-- NOTE(review): no intercept-url rules are declared in this snippet; unless access rules are configured elsewhere (e.g. method security), every URL is reachable without authentication - confirm. -->
<security:http>
<security:form-login login-page="/member/login" />
<!-- invalidate-session="true" drops the server-side session on logout. -->
<security:logout logout-url="/member/logout" invalidate-session="true"/>
<!-- NOTE(review): disabling CSRF removes the synchronizer-token check on every state-changing request and also lets the logout URL be triggered by a plain GET link. Only justified for a token-authenticated API with no cookie session; otherwise remove this line so the default protection applies. -->
<security:csrf disabled="true"/>
<security:access-denied-handler ref="customAccessDenied"/> <!-- Page shown when a logged-in user requests something they are not authorized for -->
</security:http>
<!-- provider: authenticates form logins against the DB-backed user details service, comparing the submitted password with the stored BCrypt hash. -->
<security:authentication-manager>
<security:authentication-provider user-service-ref="customUserDetailsService">
<security:password-encoder ref="bcryptPasswordEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
</beans>
UserDetailsService : DB의 유저정보를 가져옴
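@Slf4j
@NoArgsConstructor
public class CustomUserDetailsService implements UserDetailsService {

    @Autowired
    private MemberMapper memberMapper;

    /**
     * Loads the member matching the given login id and wraps it as a {@link CustomUser}
     * carrying a single {@code ROLE_<meRole>} authority.
     *
     * @param username the login id submitted on the form
     * @return the user details Spring Security authenticates against
     * @throws UsernameNotFoundException if no member exists for {@code username}
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        MemberDTO memberDTO = memberMapper.myProfile(username); // fetch the member's stored profile
        if (memberDTO == null) {
            // An unknown user must surface as UsernameNotFoundException, which the framework
            // turns into a normal bad-credentials failure; without this check the null DTO
            // would throw a NullPointerException and produce a server error instead.
            throw new UsernameNotFoundException("No member found for username: " + username);
        }
        Collection<GrantedAuthority> authList = new ArrayList<>();
        // NOTE(review): a null meRole yields the authority "ROLE_null" - confirm the column is non-null.
        authList.add(new SimpleGrantedAuthority("ROLE_" + memberDTO.getMeRole()));
        return new CustomUser(memberDTO, authList);
    }
}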
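public class CustomAccessDeniedHandler implements AccessDeniedHandler {

    /**
     * Redirects an authenticated-but-unauthorized request to the access-error page.
     *
     * @param request the request that was denied
     * @param response the response to redirect
     * @param accessDeniedException the denial raised by the authorization check; not surfaced to the client
     * @throws IOException if the redirect cannot be written
     * @throws ServletException declared by the interface; not thrown here
     */
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
            AccessDeniedException accessDeniedException) throws IOException, ServletException {
        // Prefix the servlet context path so the redirect still resolves when the
        // application is not deployed at the server root; getContextPath() is "" at
        // root, which keeps the original "/accessError" target.
        response.sendRedirect(request.getContextPath() + "/accessError");
    }
}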