180418 Spring Security - RYUDONGJIN/Memo_wiki GitHub Wiki

Scurity

1. pom.xml에 라이브러리 추가

<dependencies>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>5.0.4.RELEASE</version>
    </dependency>
</dependencies>

2. web.xml 수정

<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/spring/root-context.xml
			/WEB-INF/spring/security-context.xml       <--- 추가 
		</param-value>
</context-param>
<!-- Security filter 추가 -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>   
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

3. security-context.xml 추가

<security:http auto-config="true">
   <security:form-login login-page="/loginForm.html"
                        authentication-failure-url="/loginForm.html?ng" />
   <security:intercept-url pattern="/login.html*" access="ROLE_USER" />
   <security:intercept-url pattern="/welcome.html*" access="ROLE_ADMIN" />
</security:http>

<security:authentication-manager>
   <security:authentication-provider>
      <security:user-service>
         <security:user name="user" password="123" authorities="ROLE_USER" />
         <security:user name="admin" password="123" authorities="ROLE_ADMIN, ROLE_USER" />
      </security:user-service>
   </security:authentication-provider>
</security:authentication-manager>

4. security/tags사용

<%@ taglib uri="http://www.springframework.org/security/tags" prefix="s" %>

<s:authorize ifAnyGranted="ROLE_USER">
<p> is Log-in </p>
</s:authorize>

<s:authorize ifNotGranted="ROLE_USER">
<p> is Log-Out </p>
</s:authorize>
⚠️ **GitHub.com Fallback** ⚠️