Merge pull request #13 from lucki3377/contribution
SecurityConfig에서 WebSecurityConfigurerAdapter 대체 처리
@@ -2,12 +2,13 @@ package org.egovframe.cloud.userservice.config;
|
|||||||
|
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import org.egovframe.cloud.userservice.service.user.UserService;
|
import org.egovframe.cloud.userservice.service.user.UserService;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
|
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
import static org.egovframe.cloud.common.config.GlobalConstant.SECURITY_PERMITALL_ANTPATTERNS;
|
import static org.egovframe.cloud.common.config.GlobalConstant.SECURITY_PERMITALL_ANTPATTERNS;
|
||||||
|
|
||||||
@@ -31,57 +32,50 @@ import static org.egovframe.cloud.common.config.GlobalConstant.SECURITY_PERMITAL
|
|||||||
*/
|
*/
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
@EnableWebSecurity // Spring Security 설정들을 활성화시켜 준다
|
@EnableWebSecurity // Spring Security 설정들을 활성화시켜 준다
|
||||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
public class SecurityConfig {
|
||||||
|
|
||||||
private final TokenProvider tokenProvider;
|
private final TokenProvider tokenProvider;
|
||||||
private final UserService userService;
|
private final UserService userService;
|
||||||
private final BCryptPasswordEncoder bCryptPasswordEncoder;
|
|
||||||
|
@Bean
|
||||||
|
AuthenticationManager authenticationManager(AuthenticationConfiguration authConfiguration) throws Exception {
|
||||||
|
return authConfiguration.getAuthenticationManager();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 스프링 시큐리티 설정
|
* 스프링 시큐리티 설정
|
||||||
*
|
*
|
||||||
* @param http
|
* @param http
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
public SecurityFilterChain configure(HttpSecurity http) throws Exception {
|
||||||
http
|
|
||||||
.csrf().disable()
|
AuthenticationManager authenticationManager = authenticationManager(http.getSharedObject(AuthenticationConfiguration.class));
|
||||||
.headers().frameOptions().disable()
|
|
||||||
.and()
|
/**
|
||||||
.sessionManagement()
|
* 로그인 인증정보를 받아 토큰을 발급할 수 있도록 필터를 등록해준다.
|
||||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 토큰 사용하기 때문에 세션은 비활성화
|
*
|
||||||
.and()
|
* @return
|
||||||
.authorizeRequests()
|
* @throws Exception
|
||||||
.antMatchers(SECURITY_PERMITALL_ANTPATTERNS).permitAll()
|
*/
|
||||||
.anyRequest().access("@authorizationService.isAuthorization(request, authentication)") // 호출 시 권한 인가 데이터 확인
|
AuthenticationFilter authenticationFilter = new AuthenticationFilter(authenticationManager, tokenProvider, userService);
|
||||||
.and()
|
|
||||||
.addFilter(getAuthenticationFilter())
|
http
|
||||||
.logout()
|
.csrf().disable().headers().frameOptions().disable()
|
||||||
.logoutSuccessUrl("/");
|
.and()
|
||||||
}
|
.sessionManagement()
|
||||||
|
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 토큰 사용하기 때문에 세션은 비활성화
|
||||||
/**
|
.and()
|
||||||
* 로그인 인증정보를 받아 토큰을 발급할 수 있도록 필터를 등록해준다.
|
.authorizeRequests()
|
||||||
*
|
.antMatchers(SECURITY_PERMITALL_ANTPATTERNS).permitAll()
|
||||||
* @return
|
.anyRequest().access("@authorizationService.isAuthorization(request, authentication)") // 호출 시 권한 인가 데이터 확인
|
||||||
* @throws Exception
|
.and()
|
||||||
*/
|
.addFilter(authenticationFilter)
|
||||||
private AuthenticationFilter getAuthenticationFilter() throws Exception {
|
.logout()
|
||||||
return new AuthenticationFilter(authenticationManager(), tokenProvider, userService);
|
.logoutSuccessUrl("/");
|
||||||
}
|
|
||||||
|
return http.build();
|
||||||
/**
|
}
|
||||||
* 인증 관련 - 로그인 처리
|
|
||||||
* DB 에서 조회하여 일치하는지 체크한다.
|
|
||||||
*
|
|
||||||
* @param auth
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
@Override
|
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
||||||
// userService.loadUserByUsername 메소드
|
|
||||||
auth.userDetailsService(userService).passwordEncoder(bCryptPasswordEncoder);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
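Review bot: With `configure(AuthenticationManagerBuilder)` and the `bCryptPasswordEncoder` field removed, nothing in the new `SecurityConfig` binds `userService` or the BCrypt encoder to the `AuthenticationManager` any more; the manager returned by `authConfiguration.getAuthenticationManager()` only behaves like the old one if Spring discovers exactly one `UserDetailsService` bean and a `PasswordEncoder` bean in the context. Neither bean definition is visible on this page, so I would confirm the wiring with a login test against a bcrypt-hashed account and record the dependency in a comment above the bean, e.g. `// relies on the UserService and BCryptPasswordEncoder beans being auto-detected for the global AuthenticationManager`. Separately, `http.getSharedObject(AuthenticationConfiguration.class)` in `configure` may return null if that type is not registered as a shared object, which I cannot verify from here; injecting the manager as a bean-method parameter avoids the lookup and the direct call to the `@Bean` method: `public SecurityFilterChain configure(HttpSecurity http, AuthenticationManager authenticationManager) throws Exception {`.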