Spring Security 변경
This commit is contained in:
@@ -6,15 +6,19 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class PortalConfigSecurity extends WebSecurityConfigurerAdapter {
|
||||
@EnableGlobalMethodSecurity(securedEnabled = true)
|
||||
public class PortalConfigSecurity {
|
||||
|
||||
private final PortalAuthenticationFailureHandler authenticationFailureHandler;
|
||||
|
||||
@@ -41,34 +45,49 @@ public class PortalConfigSecurity extends WebSecurityConfigurerAdapter {
|
||||
return registrationBean;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
|
||||
http.headers().frameOptions().disable();//spring security 와 h2-console 같이 사용.
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.formLogin()
|
||||
.authenticationManager(portalAuthenticationManager)
|
||||
// .authorizeRequests(authorizeRequests -> authorizeRequests.antMatchers("/h2-console/",
|
||||
// "/css/",
|
||||
// "/html/",
|
||||
// "/images/",
|
||||
// "/img/",
|
||||
// "/js/",
|
||||
// "/login",
|
||||
// "/intro.do",
|
||||
// "/join.do",
|
||||
// "/actionLogin.do",
|
||||
// "/search_id.do",
|
||||
// "/admin_register_view.do",
|
||||
// "/admin_register.do",
|
||||
// "/reset_password.do",
|
||||
// "/forgot_password.do")
|
||||
// .permitAll()
|
||||
// .anyRequest()
|
||||
// .authenticated())
|
||||
.formLogin(form -> form
|
||||
.loginPage("/login")
|
||||
.usernameParameter("id")
|
||||
.passwordParameter("password")
|
||||
.loginProcessingUrl("/actionLogin.do")
|
||||
.successHandler(authenticationSuccessHandler)
|
||||
.failureHandler(authenticationFailureHandler)
|
||||
.and()
|
||||
.logout().logoutUrl("/actionLogout.do").logoutSuccessUrl("/")
|
||||
.and().authorizeRequests() // 권한요청 처리 설정 메서드
|
||||
.antMatchers("/h2-console/**").permitAll() // 누구나 h2-console 접속 허용
|
||||
.and()
|
||||
.csrf()
|
||||
.requireCsrfProtectionMatcher(new AntPathRequestMatcher("/mgmt/**", "POST"))
|
||||
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
|
||||
.successHandler(authenticationSuccessHandler))
|
||||
.logout(logout -> logout
|
||||
.logoutRequestMatcher(new AntPathRequestMatcher("/actionLogout.do", "GET"))
|
||||
.logoutSuccessUrl("/"))
|
||||
.csrf(csrf -> csrf
|
||||
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
|
||||
.ignoringAntMatchers("/h2-console/**")
|
||||
).headers(headers -> headers.frameOptions().sameOrigin())
|
||||
.sessionManagement(session -> session
|
||||
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
|
||||
.sessionFixation()
|
||||
.changeSessionId()
|
||||
);
|
||||
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Bean
|
||||
public PortalAuthenticationManager authenticationManager() {
|
||||
return portalAuthenticationManager;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user