SPRING/chapter08_Security
security-context.xml
GAWON
2023. 7. 13. 10:50
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
<!-- Handler beans; the security:http element below refers to them by id
     (access-denied-handler ref and authentication-success-handler-ref). -->
<bean id="customAccessDenied"
      class="org.joonzis.security.CustomAccessDeniedHandler"/>
<bean id="customLoginSuccess"
      class="org.joonzis.security.CustomLoginSuccessHandler"/>
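<!-- URL access rules, login/logout endpoints and access-denied handling. -->
<security:http auto-config="true" use-expressions="true">
  <!-- Rules are checked in declaration order. Only the three paths below are listed;
       there is no catch-all rule, so any other URL is not restricted by this block. -->

  <!-- "permitAll" (exact case) opens this path to everyone, including anonymous users.
       The expression name is case-sensitive; "permitALL" does not resolve. -->
  <security:intercept-url pattern="/sample/all" access="permitAll"/>
  <!-- hasRole checks whether the current user holds the MEMBER authority. -->
  <security:intercept-url pattern="/sample/member" access="hasRole('ROLE_MEMBER')"/>
  <!-- hasRole checks whether the current user holds the ADMIN authority. -->
  <security:intercept-url pattern="/sample/admin" access="hasRole('ROLE_ADMIN')"/>

  <!-- Login: custom login page; the customLoginSuccess bean runs after a successful login. -->
  <security:form-login login-page="/customLogin" authentication-success-handler-ref="customLoginSuccess"/>
  <!-- Logout: the HTTP session is invalidated when /customLogout is requested. -->
  <security:logout logout-url="/customLogout" invalidate-session="true"/>

  <!-- Access-denied handling. Alternative kept for reference (fixed error page):
       <security:access-denied-handler error-page="/accessError"/> -->
  <security:access-denied-handler ref="customAccessDenied"/>

  <!-- NOTE(review): CSRF protection is switched off here, so the login form and
       /customLogout accept requests that carry no CSRF token. Protection is on by
       default when this element is removed; the forms must then send the token and
       logout must be a POST. Keep it disabled only for a local exercise. -->
  <security:csrf disabled="true"/>
</security:http>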
<!-- Authentication: in-memory accounts and the authorities granted to each. -->
<security:authentication-manager>
  <security:authentication-provider>
    <!-- NOTE(review): demo-only user store. "{noop}" marks the password as stored in
         plain text, and both credentials are hard-coded in this file. Outside a local
         exercise, load users from an external store and keep only hashed passwords
         (for example a "{bcrypt}" encoded value). -->
    <security:user-service>
      <security:user name="member"
                     password="{noop}1234"
                     authorities="ROLE_MEMBER"/>
      <!-- One account with multiple authorities: admin is also granted the member role. -->
      <security:user name="admin"
                     password="{noop}admin"
                     authorities="ROLE_MEMBER, ROLE_ADMIN"/>
    </security:user-service>
  </security:authentication-provider>
</security:authentication-manager>
</beans>