Spring Security 적용

북마크 추가

1. pom.xml에 dependency 추가

 

 <dependency>

        <groupId>org.springframework.security</groupId>

        <artifactId>spring-security-web</artifactId>

        <version>3.2.4.RELEASE</version>

 </dependency>

 <dependency>

        <groupId>org.springframework.security</groupId>

        <artifactId>spring-security-config</artifactId>

        <version>3.2.4.RELEASE</version>

 </dependency>

 


2.web.xml 

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

 

3. security-context.xml 파일 생성

 

<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security"

    xmlns:beans="http://www.springframework.org/schema/beans"

    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">

     

 <http auto-config="true" access-denied-page="/denied">   -> 로그인 실패시 호출 url

     <intercept-url pattern="/admin" access="ROLE_ADMIN" /> -> admin 페이지 호출시 role_admin만 접근가능 

     <intercept-url pattern="/member" access="ROLE_ADMIN,ROLE_USER" /> -> user, admin 접근권한

  <form-login 

   login-page="/login"        // 로그인 페이지 url 설정

   authentication-success-handler-ref="loginSuccessHandler"  // 로그인 성공 핸들러

   authentication-failure-handler-ref="loginFailureHandler"         // 로그인 실패 핸들러

  />

  <logout logout-success-url="/main" />  

 </http>

 

 <beans:bean id="loginSuccessHandler" class="com.demo.auth.LoginSuccessHandler"></beans:bean>

-> loginsuccesshandler.java 경로를 클래스에 넣어줌

 <beans:bean id="loginFailureHandler" class="com.demo.auth.LoginFailureHandler"></beans:bean>

 

 <beans:bean id="UserService" class="com.demo.auth.UserService"></beans:bean>

 <beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/>

 -> 비밀번호 sha256 암호화

 <authentication-manager>  

  <authentication-provider user-service-ref="UserService">

   <password-encoder ref="encoder" />     

  </authentication-provider>

 </authentication-manager> 

</beans:beans>

 

 

 

Admin
2014-07-12 09:35
SHARE
keyboard_arrow_left
keyboard_arrow_up