
로그아웃

로그아웃 관련 설정을 해봅니다.
// ๐Ÿ”“ ๋กœ๊ทธ์•„์›ƒ ์„ค์ • http.logout(logout -> logout .logoutUrl("/logout") // ๋กœ๊ทธ์•„์›ƒ ์š”์ฒญ ๊ฒฝ๋กœ .logoutSuccessUrl("/login?logout") // ๋กœ๊ทธ์•„์›ƒ ์„ฑ๊ณต ์‹œ URL .invalidateHttpSession(true) // ์„ธ์…˜ ์ดˆ๊ธฐํ™” .deleteCookies("remember-id") // ๋กœ๊ทธ์•„์›ƒ ์‹œ, ์•„์ด๋”” ์ €์žฅ ์ฟ ํ‚ค ์‚ญ์ œ // .logoutSuccessHandler(null) // ๋กœ๊ทธ์•„์›ƒ ์„ฑ๊ณต ์ฒ˜๋ฆฌ์ž ์„ค์ • );

SecurityConfig.java

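/**
 * Spring Security configuration: URL authorization, form login, remember-me
 * (auto login), access-denied handling and logout.
 */
@Slf4j
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Autowired
    private DataSource dataSource;

    @Autowired
    private UserDetailServiceImpl userDetailServiceImpl;

    @Autowired
    private LoginSuccessHandler loginSuccessHandler;

    @Autowired
    private LoginFailureHandler loginFailureHandler;

    @Autowired
    private CustomAccessDeniedHandler customAccessDeniedHandler;

    /**
     * Builds the Spring Security filter chain.
     *
     * @param http the {@link HttpSecurity} builder supplied by Spring
     * @return the configured filter chain
     * @throws Exception if the chain cannot be built
     */
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

        // Authorization rules, evaluated in declaration order.
        // The original also declared requestMatchers("/**").permitAll() ahead of
        // anyRequest(); that matcher already covered every request, so the anyRequest()
        // rule could never be reached. A single catch-all is kept.
        // NOTE(review): this is default-allow. Every path outside /admin and /user is
        // public, including endpoints added later. Outside a tutorial, list the public
        // paths explicitly and finish with anyRequest().authenticated().
        http.authorizeHttpRequests(auth -> auth
                .requestMatchers("/admin", "/admin/**").hasRole("ADMIN")
                .requestMatchers("/user", "/user/**").hasAnyRole("USER", "ADMIN")
                .anyRequest().permitAll()
        );

        // Form login with a custom login page.
        http.formLogin(login -> login
                .usernameParameter("id")                // request parameter carrying the user id
                .passwordParameter("pw")                // request parameter carrying the password
                .loginPage("/login")                    // login page path
                .loginProcessingUrl("/login")           // path the login form is submitted to
                // .defaultSuccessUrl("/?success")      // alternative: fixed URL after a successful login
                .successHandler(loginSuccessHandler)    // login success handler
                // .failureUrl("/login?error")          // alternative: fixed URL after a failed login
                .failureHandler(loginFailureHandler)    // login failure handler
        );

        // Custom user lookup used for authentication.
        http.userDetailsService(userDetailServiceImpl);

        // Remember-me (auto login) backed by the persistent token repository.
        // NOTE(review): the key is a short literal committed with the source. Outside a
        // tutorial, supply a long random value from external configuration instead.
        http.rememberMe(me -> me
                .key("aloha")
                .rememberMeParameter("auto-login")
                .tokenRepository(tokenRepository())
                .tokenValiditySeconds(60 * 60 * 24 * 7)  // valid for 7 days (in seconds)
        );

        // Handling of authorization failures.
        http.exceptionHandling(exception -> exception
                // .accessDeniedPage("/exception")      // alternative: static error page
                .accessDeniedHandler(customAccessDeniedHandler)  // access-denied handler
        );

        // Logout configuration.
        // CSRF protection is not disabled in this chain, so Spring Security only treats
        // a POST to /logout as a logout request. The logout control has to be a form
        // that submits the CSRF token, not a plain link.
        http.logout(logout -> logout
                .logoutUrl("/logout")                   // logout request path
                .logoutSuccessUrl("/login?logout")      // redirect target after a successful logout
                .invalidateHttpSession(true)            // invalidate the HTTP session
                .deleteCookies("remember-id")           // delete the saved-login-id cookie
                // .logoutSuccessHandler(null)          // alternative: custom logout success handler
        );

        return http.build();
    }

    /**
     * Registers the password encoder bean.
     *
     * @return a {@link BCryptPasswordEncoder} with its default settings
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Registers the {@link AuthenticationManager} bean.
     *
     * @param authenticationConfiguration Spring's authentication configuration
     * @return the authentication manager provided by that configuration
     * @throws Exception if the manager cannot be obtained
     */
    @Bean
    public AuthenticationManager authenticationManager(
            AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }

    // JDBC-based authentication bean. Left disabled; userDetailServiceImpl is used instead.
    //
    // @Bean
    // public UserDetailsService userDetailsService() {
    //     JdbcUserDetailsManager userDetailsManager
    //             = new JdbcUserDetailsManager(dataSource);
    //
    //     // user authentication query
    //     String sql1 = " SELECT username, password, enabled "
    //                 + " FROM user "
    //                 + " WHERE username = ? "
    //                 ;
    //
    //     // user authority query
    //     String sql2 = " SELECT username, auth "
    //                 + " FROM user_auth "
    //                 + " WHERE username = ? "
    //                 ;
    //
    //     userDetailsManager.setUsersByUsernameQuery(sql1);
    //     userDetailsManager.setAuthoritiesByUsernameQuery(sql2);
    //     return userDetailsManager;
    // }

    /**
     * Registers the remember-me (auto login) token repository bean, backed by the
     * injected data source.
     *
     * <p>Table used by the repository:
     * <pre>
     * create table persistent_logins (
     *       username varchar(64) not null
     *     , series varchar(64) primary key
     *     , token varchar(64) not null
     *     , last_used timestamp not null
     * );
     * </pre>
     *
     * <p>Auto login process:
     * <ul>
     *   <li>on login, the (ID, series, token) entry is stored</li>
     *   <li>on logout, the (ID, series, token) entry is deleted</li>
     * </ul>
     *
     * @return the JDBC-backed persistent token repository
     */
    @Bean
    public PersistentTokenRepository tokenRepository() {
        // JdbcTokenRepositoryImpl keeps the remember-me tokens in a database table.
        JdbcTokenRepositoryImpl repositoryImpl = new JdbcTokenRepositoryImpl();

        // Point the repository at the database Spring Security uses for auto login.
        repositoryImpl.setDataSource(dataSource);

        // Alternative: let the repository create the table itself at server start.
        // repositoryImpl.setCreateTableOnStartup(true);

        // Create the persistent_logins table. Creation is best-effort and a failure
        // does not stop the bean from being registered.
        try {
            repositoryImpl.getJdbcTemplate().execute(JdbcTokenRepositoryImpl.CREATE_TABLE_SQL);
        } catch (BadSqlGrammarException e) {
            // This configuration reads the exception as "table already exists", but any
            // rejected DDL would land here too. Keep the database's own error available
            // at debug level so a different failure is not mistaken for the expected one.
            log.error("persistent_logins 테이블이 이미 존재합니다.");
            log.debug("CREATE TABLE persistent_logins was rejected", e);
        } catch (Exception e) {
            // Pass the exception to the logger so the cause (connectivity, permissions, ...)
            // is not lost. Without the table, remember-me logins fail later at runtime.
            log.error("자동 로그인 테이블 생성 중 , 예외 발생", e);
        }
        return repositoryImpl;
    }
}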