SPRING/chapter04_MVC
security-context.xml
GAWON
2023. 7. 18. 09:58
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
<!-- Beans used by the Spring Security configuration in this file. -->
<!-- customAccessDenied and customLoginSuccess are declared, but no active element in this file references them:
     the access-denied-handler element and the form-login variant carrying authentication-success-handler-ref
     are both commented out. -->
<bean id="customAccessDenied" class="org.joonzis.security.CustomAccessDeniedHandler"></bean>
<bean id="customLoginSuccess" class="org.joonzis.security.CustomLoginSuccessHandler"></bean>
<!-- BCrypt password hashing; referenced by the password-encoder element of the authentication provider. -->
<bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
<!-- Project UserDetailsService; referenced as user-service-ref by the authentication provider. -->
<bean id="customUserDetailService" class="org.joonzis.security.CustomUserDetailService"></bean>
<!-- URL access rules, form login, logout and remember-me for the HTTP filter chain -->
<security:http auto-config="true" use-expressions="true">
<!-- NOTE(review): only the three exact paths below carry an access rule and there is no catch-all
     intercept-url (for example pattern="/**"), so every other URL gets no access rule from this file.
     Confirm that this is intended, and check which request matcher your Spring Security version applies
     so that path variants handled by the same controller are covered by the same rule. -->
<security:intercept-url pattern="/sample/all" access="permitAll"/>
<security:intercept-url pattern="/sample/member" access="hasRole('ROLE_MEMBER')"/> <!-- hasRole checks that the user holds the MEMBER role -->
<security:intercept-url pattern="/sample/admin" access="hasRole('ROLE_ADMIN')"/> <!-- hasRole checks that the user holds the ADMIN role -->
<!-- <security:form-login login-page="/customLogin" authentication-success-handler-ref="customLoginSuccess"/> disabled variant that wires the login success handler -->
<security:form-login login-page="/customLogin"/> <!-- login: custom login page -->
<security:logout logout-url="/customLogout" invalidate-session="true" delete-cookies="remember-me"/> <!-- logout: invalidates the session and deletes the remember-me cookie -->
<!--<security:access-denied-handler error-page="/accessError"/> --> <!-- access-denied handling (disabled, so the framework default response applies) -->
<!-- NOTE(review): CSRF protection is switched off for the whole chain. State-changing requests from a
     logged-in browser (including the login form and /customLogout) are accepted without a token, and with
     CSRF off the logout URL is presumably no longer restricted to POST. Outside a tutorial, remove this
     element and add the _csrf token to every form and AJAX request instead. -->
<security:csrf disabled="true"/>
<!-- Database-backed (persistent token) remember-me, valid for one week: 604800 seconds = 7 days -->
<!-- NOTE(review): the dataSource bean is not defined in this file and must come from another context.
     The remember-me cookie is a week-long login credential: consider use-secure-cookie="true" when the
     site is served over HTTPS, and requiring isFullyAuthenticated() on sensitive paths such as
     /sample/admin so that a remember-me login alone is not enough. -->
<security:remember-me data-source-ref="dataSource" token-validity-seconds="604800"/>
</security:http>
<!-- Authentication: where users and their authorities are loaded from -->
<security:authentication-manager>
<!-- Users are loaded through the customUserDetailService bean. -->
<security:authentication-provider user-service-ref="customUserDetailService">
<!-- Disabled alternative: JDBC user service reading tbl_member / tbl_member_auth with parameterized (?) queries. -->
<!--<security:jdbc-user-service-->
<!--data-source-ref="dataSource"
users-by-username-query="select userid, userpw, enabled from tbl_member where userid=?"
authorities-by-username-query="select userid, auth from tbl_member_auth where userid=?"/>-->
<!-- Disabled alternative: in-memory demo users. {noop} marks an unencoded (plaintext) password.
     NOTE(review): these are sample credentials only and should not be re-enabled outside a demo;
     they would presumably not match anyway while the BCrypt encoder below is configured. -->
<!--<security:user-service>-->
<!--<security:user name="member" password="{noop}1234" authorities="ROLE_MEMBER"/>-->
<!--<security:user name="admin" password="{noop}admin" authorities="ROLE_MEMBER, ROLE_ADMIN"/> one account that also holds the lower role (multiple authorities are allowed) -->
<!--</security:user-service>-->
<!-- Submitted passwords are checked with BCrypt, so the stored passwords returned by
     customUserDetailService are presumably BCrypt hashes (verify against that class). -->
<security:password-encoder ref="bcryptPasswordEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
</beans>