SampleController.java

package org.joonzis.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;

import lombok.extern.log4j.Log4j;

@Log4j
@Controller
@RequestMapping("/sample/*")
public class SampleController {
	
	@GetMapping("/all")
	public String doAll() {
		log.info("do all can access everybody");
		return "/sample/all";
	}
	@GetMapping("/member")
	public String doMember() {
		log.info("logined member");
		return "/sample/member";
	}
	@GetMapping("/admin")
	public String doAdmin() {
		log.info("admon only");
		return "/sample/admin";
	}
	
	/*
	 * @PreAuthorize(표현식) 및 @Secured(배열)를 이용하여 권한 체크
	 * 
	 * 컨트롤러에서 사용하느 시큐리티의 어노테이션을 활성화 하기위해
	 * security-context.xml이 아니 servlet-context.xml에 관련 설정을 추가해야 함
	 * 
	 */
	
	@PreAuthorize("hasAnyRole('ROLE_ADMIN', 'ROLE_MEMBER')")
	@GetMapping("/annoMember")
	public void doMember2() {
		log.info("로그인 어노테이션 멤버");
	}
	
	@Secured({"ROLE_ADMIN"})
	@GetMapping("/annoAdmin")
	public void doAdmin2() {
		log.info("어드민 어노테이션");
	}
	
	
	
	
}