1. pom.xml에 dependency 추가
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.2.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.2.4.RELEASE</version>
</dependency>
3. security-context.xml 파일 생성
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true" access-denied-page="/denied"> -> 로그인 실패시 호출 url
<intercept-url pattern="/admin" access="ROLE_ADMIN" /> -> admin 페이지 호출시 role_admin만 접근가능
<intercept-url pattern="/member" access="ROLE_ADMIN,ROLE_USER" /> -> user, admin 접근권한
<form-login
login-page="/login" // 로그인 페이지 url 설정
authentication-success-handler-ref="loginSuccessHandler" // 로그인 성공 핸들러
authentication-failure-handler-ref="loginFailureHandler" // 로그인 실패 핸들러
/>
<logout logout-success-url="/main" />
</http>
<beans:bean id="loginSuccessHandler" class="com.demo.auth.LoginSuccessHandler"></beans:bean>
-> loginsuccesshandler.java 경로를 클래스에 넣어줌
<beans:bean id="loginFailureHandler" class="com.demo.auth.LoginFailureHandler"></beans:bean>
<beans:bean id="UserService" class="com.demo.auth.UserService"></beans:bean>
<beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/>
-> 비밀번호 sha256 암호화
<authentication-manager>
<authentication-provider user-service-ref="UserService">
<password-encoder ref="encoder" />
</authentication-provider>
</authentication-manager>
</beans:beans>
