Today, in the capstone project at school, I added and implemented the Spring Security method from the JWT+COOKIE method. It was first implemented using the old version of Spring Security, with WebSecurityConfigurerAdapter, and the latest version became Deprecated WebSecurityConfigurerAdapter to implement the latest version of security.
I felt that:
When I created Spring Security from scratch, it didn't feel difficult because I just had to implement it, but resetting security in a project that was already completed was much more difficult than I thought. In particular, I was in a situation where I did not know about the communication method or role of JWT and cookie, and I did not know how to call and use security, so I spent about 20 hours modifying security. But since I'm definitely modifying a project I've already created, I can learn and use it more deeply and more than just making it.
https://github.com/developer-Park/BackupBackend-main
https://wky.kr/80
I implemented logout by expiring cookie.
1.Problem
Using the PostMapping but I got a Request method 'GET' not supported Error.
Answer
@RequestMapping(value = "/logout",method = {RequestMethod.GET, RequestMethod.POST})add two method get and post both.
2.Problem
Error: invalid type code: 00
Answer
Clean IntelliJ Project
3.Problem
Error: unable to read json value:
Answer
Java io.jsonwebtoken.MalformedJwtException
JWT token's vaildcheck must start with ey or e.
Problem
Error: passwordencord does not matched.
Answer
passwordencord uses matches to compare input (rawpassword, encodepassword).
