(spring) Spring Security2
💼📝🔑⏰ 📙📓📘📒🎓
예제 프로젝트 : spring-boot-demoweb3-starter
📝 security-context.xml 파일 설정을 코드로 할 경우
- SecurityConfig.java 클래스 생성
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
DemoWebUserService userDetailsService;
@Override
public void configure(WebSecurity web) throws Exception {
super.configure(web);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http .authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/home.action").permitAll()
.antMatchers("/account/**").permitAll()
.antMatchers("/resources/**").permitAll()
.antMatchers("/**").authenticated()
.and()
.formLogin()
.loginPage("/account/login.action")
.usernameParameter("memberId")
.passwordParameter("passwd")
.defaultSuccessUrl("/home")
.and()
.logout()
//.logoutUrl("/logout.action")
.logoutSuccessUrl("/home.action")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
.and()
.csrf().disable();
}
@Autowired
@Qualifier("dataSource")
private DataSource dataSource;
@Bean
public PasswordEncoder passwordEncoder() {
return new DemoWebPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// auth.inMemoryAuthentication()
// .withUser("iamuserone").password("{noop}9922").roles("MEMBER")
// .and()
// .withUser("iamadminone").password("{noop}9922").roles("ADMIN");
// auth.jdbcAuthentication()
// .dataSource(dataSource)
// .usersByUsernameQuery("SELECT member_id, passwd, active FROM tbl_member WHERE member_id = ?")
// .authoritiesByUsernameQuery("SELECT member_id, role_name FROM tbl_member_roles WHERE member_id = ?")
// .passwordEncoder(passwordEncoder());
auth.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
}
}
댓글남기기