package org.conan.security;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import lombok.extern.log4j.Log4j;
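/**
 * Sends a freshly authenticated user to a landing page chosen by the roles they hold.
 *
 * <p>Precedence is {@code ROLE_ADMIN}, then {@code ROLE_MEMBER}, then the application root, so
 * an account holding both roles lands on the admin page. The redirect only selects a landing
 * page; it grants nothing. Access to the target URL must still be enforced by the security
 * configuration's URL rules.
 */
@Log4j
public class CustomLoginSuccessHandler implements AuthenticationSuccessHandler {

    /**
     * Collects the authority names of the authenticated principal and redirects accordingly.
     *
     * @param request        the login request; only its context path is read
     * @param response       the response on which the redirect is issued
     * @param authentication the authenticated principal whose authorities are inspected
     * @throws IOException      if the redirect cannot be written
     * @throws ServletException declared by the interface; not thrown by this implementation
     */
    @Override // stub generated from the implemented interface (IDE "add unimplemented methods")
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {
        // NOTE(review): routine successful logins are logged at WARN and without the user name;
        // for an audit trail, consider INFO plus the principal so real warnings stand out.
        log.warn("Login Success");

        // Use the Authentication object to gather every authority the user holds.
        List<String> roleNames = new ArrayList<>();
        authentication.getAuthorities().forEach(authority -> roleNames.add(authority.getAuthority()));
        log.warn("ROLE NAMES : " + roleNames);

        // sendRedirect() treats a leading "/" as relative to the container root, so the context
        // path is prepended to keep the redirect inside this application when it is not deployed
        // at "/". For a root deployment getContextPath() is "" and the targets are unchanged.
        // Every target is a fixed literal: no request parameter influences the destination,
        // which keeps this handler from becoming an open redirect.
        final String contextPath = request.getContextPath();

        final String target;
        if (roleNames.contains("ROLE_ADMIN")) {
            // Checked first so that an account with both roles goes to the admin page.
            target = "/sample/admin";
        } else if (roleNames.contains("ROLE_MEMBER")) {
            target = "/sample/member";
        } else {
            // No recognised role: fall back to the application root.
            target = "/";
        }
        response.sendRedirect(contextPath + target);
    }
}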
<?xml version="1.0" encoding="UTF-8"?>
<!-- Spring Security configuration: URL access rules, form login with a custom success handler, and an in-memory user store. -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security-5.2.xsd
http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd">
<!-- Access rules for the listed /sample/* paths. NOTE(review): no catch-all pattern is declared, so a path that matches none of these entries gets no access rule from this file; confirm that is intended. -->
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/sample/all" access="permitAll" />
<security:intercept-url pattern="/sample/member" access="hasRole('ROLE_MEMBER')" />
<security:intercept-url pattern="/sample/admin" access="hasRole('ROLE_ADMIN')" />
<security:form-login login-page="/customLogin" authentication-success-handler-ref="customLoginSuccess"/>
<!-- Use the custom login page (/customLogin) instead of the default one; after a successful login the customLoginSuccess bean chooses the redirect target. -->
<!-- Requests rejected by the rules above are passed to the customAccessDenied bean. -->
<security:access-denied-handler ref="customAccessDenied"/>
</security:http>
<!-- In-memory demo accounts. The {noop} prefix selects the no-op password encoder, so these passwords are kept and compared as plaintext, and each one equals its user name. Keep this to local practice only; for anything deployed, store hashed passwords (for example {bcrypt} entries) or use a real user store. -->
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="member" password="{noop}member" authorities="ROLE_MEMBER"/>
<!-- admin holds both roles; CustomLoginSuccessHandler checks ROLE_ADMIN first, so this account lands on /sample/admin. -->
<security:user name="admin" password="{noop}admin" authorities="ROLE_MEMBER, ROLE_ADMIN"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<!-- Handler beans referenced by id from the security:http element above. -->
<bean id="customAccessDenied" class="org.conan.security.CustomAccessDeniedHandler"></bean>
<bean id="customLoginSuccess" class="org.conan.security.CustomLoginSuccessHandler"></bean>
</beans>
이렇게 설정하면 로그인하는 멤버의 role에 따라 member면 멤버 페이지로, admin이면 admin 페이지로 이동됨
member, member로 로그인시 보이는페이지
admin,admin으로 로그인시
이렇게 보인다 끝!