Search

๋กœ๊ทธ์ธ

๋กœ๊ทธ์ธ

Spring Security 5.x

์ด์ „ ํŽ˜์ด์ง€

์ด์ „ ํŽ˜์ด์ง€ ๋‚ด์šฉ์— ์ด์–ด์„œ ์ง„ํ–‰ํ•ฉ๋‹ˆ๋‹ค.

Code

Preview

1.
๋ฉ”์ธ ํ™”๋ฉด
2.
๋กœ๊ทธ์ธ ํ™”๋ฉด

์ž‘์—… ํ”„๋กœ์„ธ์Šค

1.
ํ”„๋กœ์ ํŠธ ์ƒ์„ฑ
2.
์Šคํ”„๋ง ์‹œํ๋ฆฌํ‹ฐ ์„ค์ •
3.
์š”์ฒญ ๊ฒฝ๋กœ ๋งคํ•‘

Preview

1.
๋ฉ”์ธ ํ™”๋ฉด
2.
๋กœ๊ทธ์ธ ํ™”๋ฉด
3.
๋ฉ”์ธ ํ™”๋ฉด (๋กœ๊ทธ์ธ ์™„๋ฃŒ)

๋ฉ”์ธ ํ™”๋ฉด

๋กœ๊ทธ์ธ ํ™”๋ฉด

๋ฉ”์ธ ํ™”๋ฉด (๋กœ๊ทธ์ธ ์™„๋ฃŒ)

์ž‘์—… ํ”„๋กœ์„ธ์Šค

1.
ํ”„๋กœ์ ํŠธ ์ƒ์„ฑ
โ€ข
build.gradle
โ€ข
spring boot version : 2.x.x
โ€ข
spring security version : 5.x.x
โ€ข
์˜์กด์„ฑ ์„ค์ •
โ—ฆ
Spring Web
โ—ฆ
Spring Boot DevTools
โ—ฆ
Spring Security
โ—ฆ
Lombok
โ—ฆ
Thymeleaf
โ—ฆ
MySQL Driver
โ—ฆ
Mybatis Framework
2.
์Šคํ”„๋ง ์‹œํ๋ฆฌํ‹ฐ ์„ค์ •
โ€ข
~/config/SecurityConfig.java

ํ”„๋กœ์ ํŠธ ์ƒ์„ฑ

build.gradle

spring boot 2.x.x
spring security 5.x.x
plugins { id 'java' id 'war' id 'org.springframework.boot' version '2.7.17' id 'io.spring.dependency-management' version '1.0.15.RELEASE' } group = 'com.aloha' version = '0.0.1-SNAPSHOT' java { sourceCompatibility = '17' } configurations { compileOnly { extendsFrom annotationProcessor } } repositories { mavenCentral() } dependencies { implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'org.springframework.boot:spring-boot-starter-thymeleaf' implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:2.3.1' implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5' compileOnly 'org.projectlombok:lombok' developmentOnly 'org.springframework.boot:spring-boot-devtools' runtimeOnly 'com.mysql:mysql-connector-j' annotationProcessor 'org.projectlombok:lombok' providedRuntime 'org.springframework.boot:spring-boot-starter-tomcat' testImplementation 'org.springframework.boot:spring-boot-starter-test' testImplementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter-test:2.3.1' testImplementation 'org.springframework.security:spring-security-test' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' } tasks.named('test') { useJUnitPlatform() }
Java
๋ณต์‚ฌ

์Šคํ”„๋ง ์‹œํ๋ฆฌํ‹ฐ ์„ค์ •

~/config/SecurityConfig.java

UserDetailsService ๋นˆ ๋“ฑ๋ก

UserDetailsService ๋นˆ์„ ๋“ฑ๋กํ•˜์—ฌ, ์‚ฌ์šฉ์ž ์ •๋ณด๋ฅผ ๋ถˆ๋Ÿฌ์˜ฌ ์ˆ˜ ์žˆ๋Š” SQL ์ฟผ๋ฆฌ๋ฅผ ์„ค์ •ํ•ด์ฃผ์–ด ์ธ์ฆ ์ฒ˜๋ฆฌ๋ฅผ ๊ตฌํ˜„ํ•œ๋‹ค.
โ€ข
์‚ฌ์šฉ์ž ์ธ์ฆ ์ฟผ๋ฆฌ
โ€ข
์‚ฌ์šฉ์ž ๊ถŒํ•œ ์ฟผ๋ฆฌ
@Bean public UserDetailsService userDetailsService() { JdbcUserDetailsManager userDetailsManager = new JdbcUserDetailsManager(dataSource); // ์‚ฌ์šฉ์ž ์ธ์ฆ ์ฟผ๋ฆฌ String sql1 = " SELECT username, password, enabled " + " FROM user " + " WHERE username = ? " ; // ์‚ฌ์šฉ์ž ๊ถŒํ•œ ์ฟผ๋ฆฌ String sql2 = " SELECT username, auth " + " FROM user_auth " + " WHERE username = ? " ; userDetailsManager.setUsersByUsernameQuery(sql1); userDetailsManager.setAuthoritiesByUsernameQuery(sql2); return userDetailsManager; }
Java
๋ณต์‚ฌ

SecurityConfig.java

@Configuration @EnableWebSecurity public class SecurityConfig { @Autowired private DataSource dataSource; // ์Šคํ”„๋ง ์‹œํ๋ฆฌํ‹ฐ ์„ค์ • ๋ฉ”์†Œ๋“œ @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { // โœ… ์ธ๊ฐ€ ์„ค์ • http.authorizeRequests(requests -> requests .antMatchers("/**").permitAll() .anyRequest().permitAll() ); // ๐Ÿ” ํผ ๋กœ๊ทธ์ธ ์„ค์ • http.formLogin(withDefaults()); return http.build(); } /** * ๐Ÿ‘ฎโ€โ™‚๏ธ๐Ÿ” ์‚ฌ์šฉ์ž ์ธ์ฆ ๊ด€๋ฆฌ ๋นˆ ๋“ฑ๋ก ๋ฉ”์†Œ๋“œ * JDBC ์ธ์ฆ ๋ฐฉ์‹ * โœ… ๋ฐ์ดํ„ฐ ์†Œ์Šค (URL, ID, PW) - application.properties * โœ… SQL ์ฟผ๋ฆฌ ๋“ฑ๋ก * โญ ์‚ฌ์šฉ์ž ์ธ์ฆ ์ฟผ๋ฆฌ * โญ ์‚ฌ์šฉ์ž ๊ถŒํ•œ ์ฟผ๋ฆฌ * @return */ @Bean public UserDetailsService userDetailsService() { JdbcUserDetailsManager userDetailsManager = new JdbcUserDetailsManager(dataSource); // ์‚ฌ์šฉ์ž ์ธ์ฆ ์ฟผ๋ฆฌ String sql1 = " SELECT username, password, enabled " + " FROM user " + " WHERE username = ? " ; // ์‚ฌ์šฉ์ž ๊ถŒํ•œ ์ฟผ๋ฆฌ String sql2 = " SELECT username, auth " + " FROM user_auth " + " WHERE username = ? " ; userDetailsManager.setUsersByUsernameQuery(sql1); userDetailsManager.setAuthoritiesByUsernameQuery(sql2); return userDetailsManager; } }
Java
๋ณต์‚ฌ