
기록

JAVA Spring 시큐리티 애노테이션 본문

JAVA

JAVA Spring 시큐리티 애노테이션

9400 2023. 2. 15. 09:47

security-context.xml 에 추가 

   xmlns:security="http://www.springframework.org/schema/security"

servlet-context.xml 

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:beans="http://www.springframework.org/schema/beans"
   xmlns:context="http://www.springframework.org/schema/context"
   xmlns:security="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/mvc https://www.springframework.org/schema/mvc/spring-mvc.xsd
      http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd
      http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
      http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd">

	<!-- DispatcherServlet Context: defines this servlet's request-processing infrastructure -->
	<!-- Spring web (view) configuration file -->
	<!-- NOTE(review): the security schema location above uses http while the other three use https.
	     Spring normally resolves these XSDs from the jars on the classpath; confirm the URL used is one
	     that the Spring Security version in use maps locally. -->
	
	
	<!-- Enables the Spring MVC @Controller programming model -->
	<annotation-driven />

	<!-- Handles HTTP GET requests for /resources/** by efficiently serving up static resources in the ${webappRoot}/resources directory -->
	<!-- Static folder mapping => css, images, upload, js
		 http://localhost/resources/
		 NOTE(review): everything under /resources/ is served by this mapping, not by a controller, so the
		 method annotations enabled below do not apply to it. If user uploads are stored here, confirm that
		 serving them without an access check is intended.
	-->
	<resources mapping="/resources/**" location="/resources/" />

	<!-- Resolves views selected for rendering by @Controllers to .jsp resources in the /WEB-INF/views directory -->
	<!-- order=2: consulted after the Tiles resolver (order=1) defined below -->
	<beans:bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
		<beans:property name="prefix" value="/WEB-INF/views/" />
		<beans:property name="suffix" value=".jsp" />
		  <beans:property name="order" value="2" />
	</beans:bean>

<!-- Tiles configuration: start -->
   <!-- Loads the Tiles definitions from /WEB-INF/spring/tiles-config.xml -->
   <beans:bean id="tilesConfigurer" 
      class="org.springframework.web.servlet.view.tiles3.TilesConfigurer">
      <beans:property name="definitions">
         <beans:list>
            <beans:value>/WEB-INF/spring/tiles-config.xml</beans:value>
         </beans:list>
      </beans:property>
   </beans:bean>
   <!-- UrlBasedViewResolver tilesViewResolver = new UrlBasedViewResolver(); -->
   <!-- order=1: this resolver is tried first and renders views through TilesView -->
   <beans:bean id="tilesViewResolver" 
      class="org.springframework.web.servlet.view.UrlBasedViewResolver">
      <beans:property name="viewClass" 
      value="org.springframework.web.servlet.view.tiles3.TilesView" />
      <beans:property name="order" value="1" />
   </beans:bean>
   <!-- Tiles configuration: end -->
   
   <!-- Enables method-level security annotations for the beans created by this context:
        pre-post-annotations="enabled" turns on @PreAuthorize / @PostAuthorize,
        secured-annotations="enabled" turns on @Secured.
        NOTE(review): this element sits in the same file as the component-scan of kr.or.ddit below,
        which is presumably where the annotated controllers are created. Method security declared only
        in a different context would not cover them; confirm. -->
   <security:global-method-security pre-post-annotations="enabled"
   secured-annotations="enabled"></security:global-method-security>
	
	<!-- Scans kr.or.ddit for annotated components -->
	<context:component-scan base-package="kr.or.ddit" />
	
</beans:beans>

 

servlet-context.xml 에 아래 추가 

   <!-- Enable the Spring Security method annotations
   - Secured : annotation provided to support the Spring Security module
   - PreAuthorize : specifies the access policy applied before the method runs
   - PostAuthorize : specifies the access policy applied after the method has run
     (the method body has already executed by then, so it cannot undo side effects)
   
   pre-post-annotations="enabled" : makes PreAuthorize and PostAuthorize usable
   secured-annotations="enabled" : makes Secured usable

   If this element is missing from the context that creates the annotated beans,
   the annotations are not enforced and the methods stay reachable.
   -->
   <security:global-method-security pre-post-annotations="enabled"
   secured-annotations="enabled"></security:global-method-security>

 

컨트롤러 

 

어노테이션

@PreAuthorize("isAuthenticated()")

추가시 로그인 회원만 /list에 접근 가능하다. 

	//요청URI : /board/list : 모두가 접근 가능 => 변경 => 로그인한 사용자만 접근 가능
	//Authentication : 인증(로그인) be+p.p => 수동형(~되다)
	/**
	 * Renders the board list page.
	 *
	 * <p>{@code isAuthenticated()} is evaluated before the method body runs, so an anonymous
	 * request is rejected and only a logged-in user reaches the view. The check is enforced only
	 * when pre/post annotations are enabled for the context that creates this controller.
	 *
	 * <p>The request URI is /board/list according to the snippet's own comment; the class-level
	 * mapping is not shown here.
	 *
	 * @return the logical view name {@code board/list}
	 */
	@PreAuthorize("isAuthenticated()")
	@GetMapping("/list")
	public String list() {
		// Forward to list.jsp in the board folder.
		final String viewName = "board/list";
		return viewName;
	}

 

어노테이션 

@PreAuthorize("hasRole('ROLE_MEMBER')") 추가 시 

 /register는 ROLE_MEMBER 권한을 가진 사람만 접근 가능하다 

 

	//요청URI : /board/register : 로그인한 회원만 접근 가능
	/**
	 * Renders the board registration form.
	 *
	 * <p>{@code hasRole('ROLE_MEMBER')} admits only callers holding ROLE_MEMBER. Being logged in
	 * is not enough: an authenticated user without that role is denied (unless a role hierarchy
	 * is configured elsewhere, which is not visible here).
	 *
	 * <p>NOTE(review): this annotation covers the GET handler only. The handler that processes
	 * the submitted form is not shown and needs its own annotation; confirm it has one.
	 *
	 * @return the logical view name {@code board/register}
	 */
	@PreAuthorize("hasRole('ROLE_MEMBER')")
	@GetMapping("/register")
	public String register() {
		// Forward to the registration view.
		final String viewName = "board/register";
		return viewName;
	}

 

 

어노테이션 

@PreAuthorize("hasAnyRole('ROLE_ADMIN','ROLE_MEMBER')")

ROLE_ADMIN/ROLE_MEMBER 둘중하나의 권한이라도 가지고 있으면 접근 가능

	//요청URI : /notice/register : 로그인한 관리자(ROLE_ADMIN)나 회원(ROLE_MEMBER) 권한을 가진 사용자만 접근 가능
	//authentication : 인증(로그인) / authorization : 인가(권한)
	//둘중 하나라도 권한을 가지고 있다면 아래의 URI에 접근 가능.
	/**
	 * Renders the notice registration form.
	 *
	 * <p>{@code hasAnyRole('ROLE_ADMIN','ROLE_MEMBER')} admits a caller holding at least one of
	 * the two roles; authentication (login) alone does not satisfy it, the authorization (role)
	 * check must pass as well.
	 *
	 * <p>NOTE(review): only the GET handler is shown. Confirm that the handler which saves the
	 * notice carries an equivalent annotation.
	 *
	 * @return the logical view name {@code notice/register}
	 */
	@PreAuthorize("hasAnyRole('ROLE_ADMIN','ROLE_MEMBER')")
	@GetMapping("/register")
	public String register() {
		final String viewName = "notice/register";
		return viewName;
	}

 

 

아래와 같이 security-context.xml 로 /board/* 설정 가능하다 

 		<!-- Restrict access by URI pattern.
 		     NOTE(review): the rule below is commented out. As written it uses permitAll, which lets
 		     every request for /board/* through the URL filter; access is then decided only by the
 		     method annotations, so a handler under /board/ without an annotation would be public.
 		     Confirm the intended access value before enabling it. -->
<!--  		<security:intercept-url pattern="/board/*" access="permitAll"/> -->