(spring) Spring Security2

최대 1 분 소요

💼📝🔑⏰ 📙📓📘📒🎓

예제 프로젝트 : spring-boot-demoweb3-starter

📝 security-context.xml 파일 설정을 코드로 할 경우

  • SecurityConfig.java 클래스 생성

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
	
	@Autowired
	DemoWebUserService userDetailsService;

	@Override
	public void configure(WebSecurity web) throws Exception {
		super.configure(web);
	}
	
	@Override
	protected void configure(HttpSecurity http) throws Exception {

		http	.authorizeRequests()
				.antMatchers("/").permitAll()
				.antMatchers("/home.action").permitAll()
				.antMatchers("/account/**").permitAll()
				.antMatchers("/resources/**").permitAll()
				.antMatchers("/**").authenticated()
			.and()
				.formLogin()
				.loginPage("/account/login.action")
				.usernameParameter("memberId")
				.passwordParameter("passwd")
				.defaultSuccessUrl("/home")
			.and()
				.logout()
				//.logoutUrl("/logout.action")
				.logoutSuccessUrl("/home.action")
				.invalidateHttpSession(true)
				.deleteCookies("JSESSIONID")
			.and()
				.csrf().disable();
	}
	
	@Autowired
	@Qualifier("dataSource")
	private DataSource dataSource;
	
	@Bean
	public PasswordEncoder passwordEncoder() {
		return new DemoWebPasswordEncoder();
	}
	
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		
//		auth.inMemoryAuthentication()
//			.withUser("iamuserone").password("{noop}9922").roles("MEMBER")
//			.and()
//			.withUser("iamadminone").password("{noop}9922").roles("ADMIN");
		
//		auth.jdbcAuthentication()
//			.dataSource(dataSource)
//			.usersByUsernameQuery("SELECT member_id, passwd, active FROM tbl_member WHERE member_id = ?")
//			.authoritiesByUsernameQuery("SELECT member_id, role_name FROM tbl_member_roles WHERE member_id = ?")
//			.passwordEncoder(passwordEncoder());
		
		auth.userDetailsService(userDetailsService)
			.passwordEncoder(passwordEncoder());
			
		
	}
	
}

댓글남기기