엄지월드

Spring Security 설정 본문

java/Spring

Spring Security 설정

킨글 2022. 8. 5. 17:14

Maven pom.xml에 스프링 시큐리티 추가 

<dependencies>
	<dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
</dependencies>

 

 

스프링 시큐리티 모든 페이지를 설정해주는 경우 

package com.myapp.lms;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/", "/**") // 모두 허용하겠다. 
                .permitAll(); 
        super.configure(http);
    }
}

 

특정 URL만 허용하는 경우

package com.myapp.lms;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers(
                        "/",
                        "/member/register",
                        "/member/email-auth"
                )
                        .permitAll();
        super.configure(http);
    }
}

 

 

ADMIN 처리 하는 방법

SecurityConfiguration 파일 내 아래 코드 추가

@Override
protected void configure(HttpSecurity http) throws Exception {
    // ADMIN 페이지 설정. /admin/이 붙은 도메인은 모두 ADMIN 처리
    http.authorizeRequests()
        .antMatchers("/admin/**")
        .hasAuthority("ROLE_ADMIN");

    // 에러 페이지 핸들링
    http.exceptionHandling()
        .accessDeniedPage("/error/denied");
        
        
    super.configure(http);
}

 

MemberServiceImpl.java의 loadUserByUsername에서 grantedAuthorities.add 추가 

package com.myapp.lms.configuration;

import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class UserAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
    @Override
    public void onAuthenticationFailure(
            HttpServletRequest request,
            HttpServletResponse response,
            AuthenticationException exception) throws IOException, ServletException {
        String msg = "로그인에 실패했습니다.";
        if(exception instanceof InternalAuthenticationServiceException){
            msg = exception.getMessage();
        }else{
            msg = exception.getMessage();
            if(exception.equals("자격 증명에 실패하였습니다.")){
                msg = "아이디나 비밀번호가 틀립니다.";
            }
        }
        setUseForward(true);
        setDefaultFailureUrl("/member/login?error=true");
        request.setAttribute("errorMessage", msg);
        System.out.println(msg);
        super.onAuthenticationFailure(request, response, exception);
    }
}

 

'java > Spring' 카테고리의 다른 글

Spring paging  (0) 2022.08.10
thymeleaf fragment 설정  (0) 2022.08.09
JPA  (0) 2022.08.04
Parameter 0 of constructor in com.myapp.lms.component.MailComponents required a bean of type 'org.springframework.mail.javamail.JavaMailSender' that could not be found. 에러  (0) 2022.08.03
@Valid import 에러  (0) 2022.07.22
'java/Spring' Related Articles more
Comments