Search

'Security'에 해당되는 글 1건

  1. 2014.01.28 Spring Security 적용하기

Spring Security 적용하기

Programming/Java 2014.01.28 15:33 Posted by 파란크리스마스

출처 : Spring Security 3 - 맛보기와 기본 설정의 이해
스프링 시큐리티 적용하기 (properties 인증 방법)
Spring Security를 이용한 인증 처리
AJAX Login with Spring Security

WEB-INF\web.xml

	<!-- 스프링 시큐리티 적용하기 -->
	<context-param&g
		<param-name>contextConfigLocation</param-name>
		<param-value>WEB-INF/spring-security.xml</param-value>
 	</context-param>	
	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>
	<listener>
  		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
 	</listener>

WEB-INF\spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:security="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.2.xsd">

	<security:http pattern="/common/css/**" security="none" />
	<security:http pattern="/common/img/**" security="none" />
	<security:http pattern="/common/js/**" security="none" />

	<security:http auto-config="true">
		<security:intercept-url pattern="/admin/**"	access="ROLE_ADMIN" />
		<security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />		

		<!-- 
		<security:form-login login-page="/login.do"
			login-processing-url="/j_spring_security_check.do"
			default-target-url="/loginSuccess.do" authentication-failure-url="/loginFailed.do" />

		<security:logout logout-url="/j_spring_security_logout.do"
			logout-success-url="/logout.do" invalidate-session="true" />
 		-->			
	</security:http>


	<security:authentication-manager>
		<security:authentication-provider>
            <security:user-service>
                <security:user name="admin" password="admin!@" authorities="ROLE_ADMIN" />
            </security:user-service>		
			<!-- 
			<security:user-service properties="/WEB-INF/users-config.xml" />
			 -->
		</security:authentication-provider>
	</security:authentication-manager>

</beans>

WEB-INF\users-config.xml (옵션)

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
        <comment>users</comment>
        <entry key="admin">1111,ROLE_ADMIN,ROLE_USER</entry>
        <entry key="user">2222,ROLE_USER</entry>
</properties>

 

신고


 

티스토리 툴바