
Thymeleaf Spring Security

| Category | Keyword/Method | Description |
|---|---|---|
| sec:authorize | isAnonymous() | Unauthenticated user (not logged in). |
| | isAuthenticated() | Authenticated user (logged in). |
| | hasRole('ROLE_X') | User holding a specific role. |
| | hasAnyRole('ROLE_X', 'ROLE_Y') | User holding at least one of several roles. |
| | permitAll() | Allow all users. |
| | denyAll() | Deny all users. |
| sec:authentication | name | Name (login id) of the authenticated user. |
| | authorities | Authorities granted to the authenticated user. |
| | principal | Authenticated user object (UserDetails or CustomUser). |
| sec:csrf | ${_csrf.parameterName} | CSRF parameter name. |
| | ${_csrf.token} | CSRF token value. |

Example code

1. sec:authorize

```html
<div sec:authorize="isAnonymous()">
  <p>Shown only to users who are not logged in.</p>
</div>
<div sec:authorize="isAuthenticated()">
  <p>Shown only to logged-in users.</p>
</div>
<div sec:authorize="hasRole('ROLE_ADMIN')">
  <p>Admin-only content.</p>
</div>
<div sec:authorize="hasAnyRole('ROLE_USER', 'ROLE_MANAGER')">
  <p>Visible only to users holding the USER or MANAGER role.</p>
</div>
<div sec:authorize="permitAll()">
  <p>Shown to every user.</p>
</div>
<div sec:authorize="denyAll()">
  <p>This content is never shown to any user.</p>
</div>
```

2. sec:authentication

```html
<p>Logged-in user: <span sec:authentication="name"></span></p>
<p>Authorities: <span sec:authentication="authorities"></span></p>
<p>User name: <span sec:authentication="principal.user.name"></span></p>
<p>User email: <span sec:authentication="principal.user.email"></span></p>
```

3. sec:csrf

A form that includes the CSRF token:

```html
<form th:action="@{/submit}" method="post">
  <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}" />
  <button type="submit">Submit</button>
</form>
```

4. Combined example

둜그인 μƒνƒœμ— 따라 메뉴λ₯Ό λ‹€λ₯΄κ²Œ ν‘œμ‹œ:
html μ½”λ“œ 볡사 <div sec:authorize="isAuthenticated()"> <p>ν™˜μ˜ν•©λ‹ˆλ‹€, <span sec:authentication="name"></span>!</p> <a th:href="@{/logout}">λ‘œκ·Έμ•„μ›ƒ</a> </div> <div sec:authorize="isAnonymous()"> <a th:href="@{/login}">둜그인</a> <a th:href="@{/signup}">νšŒμ›κ°€μž…</a> </div>
HTML
볡사
κ΄€λ¦¬μžμ™€ 일반 μ‚¬μš©μžμ— 따라 λ‹€λ₯Έ μ½˜ν…μΈ  ν‘œμ‹œ:
html μ½”λ“œ 볡사 <div sec:authorize="hasRole('ROLE_ADMIN')"> <p>κ΄€λ¦¬μž μ „μš© νŽ˜μ΄μ§€μž…λ‹ˆλ‹€.</p> </div> <div sec:authorize="hasRole('ROLE_USER')"> <p>μ‚¬μš©μž μ „μš© νŽ˜μ΄μ§€μž…λ‹ˆλ‹€.</p> </div>
HTML
볡사

Summary

• sec:authorize renders content according to the user's login state and authorities.
• sec:authentication outputs information about the authenticated user.
• sec:csrf includes the token required for CSRF protection.
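sec:authorize decides what is rendered, not what the server accepts: a user who requests /admin directly is only refused if the same rule exists in the security configuration. The following is an added example, not code from the original post, showing a Spring Security filter chain whose rules mirror the template's conditions; it assumes Spring Security 5.8+/6 (lambda DSL), the /login, /join, /logout, /user and /admin paths used on this page, and assumed /css/** and /js/** static paths.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // Server-side rules that match the template's sec:authorize checks.
            // Hiding the /admin link is cosmetic; this is the actual gate.
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/", "/login", "/join", "/css/**", "/js/**").permitAll()
                // The config DSL takes the role WITHOUT the ROLE_ prefix (it is added
                // for you); the template's hasRole('ROLE_ADMIN') checks the same authority.
                .requestMatchers("/admin/**").hasRole("ADMIN")
                .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")
                .anyRequest().authenticated()
            )
            .formLogin(form -> form
                .loginPage("/login")
                .defaultSuccessUrl("/", true)
            )
            .logout(logout -> logout
                // Logout is POST-only, so the hidden ${_csrf.token} field in the
                // template's logout form is required for the request to succeed.
                .logoutUrl("/logout")
                .logoutSuccessUrl("/")
            );
        // CSRF protection is enabled by default; it is deliberately not disabled here.
        return http.build();
    }
}
```

With `th:action` Thymeleaf injects the CSRF hidden input automatically; the logout forms in this page's index.html use a plain `action`, which is why they add the input by hand.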

Example code

• index.html

```html
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"
      xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Main page</title>
  <!-- bootstrap css -->
  <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
  <!-- Header -->
  <header class="d-flex flex-wrap align-items-center justify-content-center justify-content-md-between px-5 py-3 mb-4 border-bottom">
    <div class="col-md-3 mb-2 mb-md-0">
      <a href="/" class="d-inline-flex link-body-emphasis text-decoration-none">
        <!-- Logo -->
      </a>
    </div>
    <ul class="nav col-12 col-md-auto mb-2 justify-content-center mb-md-0">
      <li><a href="/" class="nav-link px-2 link-secondary">Home</a></li>
      <!-- USER & ADMIN roles -->
      <th:block sec:authorize="hasAnyRole('ROLE_USER','ROLE_ADMIN')">
        <li><a href="/user" class="nav-link px-2">user</a></li>
      </th:block>
      <!-- ADMIN role -->
      <th:block sec:authorize="hasRole('ROLE_ADMIN')">
        <li><a href="/admin" class="nav-link px-2">admin</a></li>
      </th:block>
    </ul>
    <div class="col-md-3 text-end">
      <!-- When not logged in -->
      <th:block sec:authorize="isAnonymous()">
        <a href="/login" class="btn btn-outline-primary me-2">Login</a>
        <a href="/join" class="btn btn-primary me-2">Sign up</a>
      </th:block>
      <!-- When logged in -->
      <th:block sec:authorize="isAuthenticated()">
        <form action="/logout" method="post">
          <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}" />
          <button type="submit" class="btn btn-primary">Logout</button>
        </form>
      </th:block>
    </div>
  </header>
  <div class="container col-12 col-lg-4">
    <div class="px-4 py-5 mt-5 text-center">
      <h1 class="display-5 fw-bold text-body-emphasis">Main page</h1>
    </div>
    <!-- When not logged in -->
    <th:block sec:authorize="isAnonymous()">
      <div class="d-grid gap-2">
        <a href="/login" class="btn btn-lg btn-primary">Login</a>
        <a href="/join" class="btn btn-lg btn-success">Sign up</a>
      </div>
    </th:block>
    <!-- When logged in -->
    <th:block sec:authorize="isAuthenticated()">
      <div class="card">
        <div class="inner p-4">
          <div class="d-flex flex-column align-items-center">
            <div class="item my-2">
              <h3> ID : <span sec:authentication="name"></span> </h3>
            </div>
            <div class="item my-2">
              <h3> Authorities : <span sec:authentication="authorities"></span> </h3>
            </div>
            <div class="item my-2 w-100">
              <p> User object : <span sec:authentication="principal"></span> </p>
            </div>
            <!-- sec:authentication="principal" -> CustomUser -->
            <!-- CustomUser holds a Users user object -->
            <div class="item my-2">
              <h5> Name : <span sec:authentication="principal.user.name"></span> </h5>
            </div>
            <div class="item my-2">
              <h5> Email : <span sec:authentication="principal.user.email"></span> </h5>
            </div>
            <!--
            <div class="item my-2">
              <img th:src="${user.profile}" alt="Profile" class="rounded-circle">
            </div>
            -->
            <!--
            <div class="item my-2"> <h3 th:text="${user.name}"></h3> </div>
            <div class="item my-2"> <h5 th:text="${user.email}"></h5> </div>
            -->
            <div class="item my-2 w-100">
              <span sec:authentication="principal">Authenticated user</span>
            </div>
          </div>
        </div>
      </div>
      <form action="/logout" method="post">
        <!-- CSRF TOKEN -->
        <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}">
        <div class="d-grid gap-2">
          <button type="submit" class="btn btn-lg btn-primary">Logout</button>
        </div>
      </form>
    </th:block>
  </div>
  <!-- bootstrap js -->
  <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>
```