From e5807aaf6a5a5469061f0c0a2302083ecfb1bf9d Mon Sep 17 00:00:00 2001 From: EunJuOh33 Date: Mon, 22 Feb 2021 16:43:02 +0900 Subject: [PATCH 1/5] =?UTF-8?q?[#23]=20env=20:=20pom.xml=EC=97=90=20securi?= =?UTF-8?q?ty=20=ED=8C=8C=EC=9D=BC=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .settings/org.eclipse.wst.common.component | 30 +++++++++++-------- pom.xml | 22 ++++++++++++++ .../org.zerock/controller/pom.properties | 2 +- .../maven/org.zerock/controller/pom.xml | 22 ++++++++++++++ 4 files changed, 63 insertions(+), 13 deletions(-) diff --git a/.settings/org.eclipse.wst.common.component b/.settings/org.eclipse.wst.common.component index 3e29d1d..0b6634e 100644 --- a/.settings/org.eclipse.wst.common.component +++ b/.settings/org.eclipse.wst.common.component @@ -1,56 +1,62 @@ - + + - + + - + + - + + - + + - - uses - - + + - + + - + + - + + diff --git a/pom.xml b/pom.xml index a80ade7..c57b603 100644 --- a/pom.xml +++ b/pom.xml @@ -49,6 +49,28 @@ ${org.springframework-version} + + + org.springframework.security + spring-security-web + 5.0.6.RELEASE + + + org.springframework.security + spring-security-config + 5.0.6.RELEASE + + + org.springframework.security + spring-security-core + 5.0.6.RELEASE + + + org.springframework.security + spring-security-taglibs + 5.0.6.RELEASE + + com.zaxxer diff --git a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties index 8ed3c8a..5b57031 100644 --- a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties +++ b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties @@ -1,5 +1,5 @@ #Generated by Maven Integration for Eclipse -#Mon Feb 22 12:12:18 KST 2021 +#Mon Feb 22 16:41:52 KST 2021 m2e.projectLocation=D\:\\workspace\\ex03 m2e.projectName=ex03 groupId=org.zerock diff --git a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml index a80ade7..c57b603 100644 --- a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml +++ b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml @@ -49,6 +49,28 @@ ${org.springframework-version} + + + org.springframework.security + spring-security-web + 5.0.6.RELEASE + + + org.springframework.security + spring-security-config + 5.0.6.RELEASE + + + org.springframework.security + spring-security-core + 5.0.6.RELEASE + + + org.springframework.security + spring-security-taglibs + 5.0.6.RELEASE + + com.zaxxer From 711f1c941257e2cbe8352b3293d91351a11198ed Mon Sep 17 00:00:00 2001 From: EunJuOh33 Date: Mon, 22 Feb 2021 18:58:33 +0900 Subject: [PATCH 2/5] =?UTF-8?q?[#23]=20env=20:=20SecurityConfig=20?= =?UTF-8?q?=EC=9E=90=EB=B0=94=20=EC=84=A4=EC=A0=95.=20xml=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95=20=EC=97=B0=EC=8A=B5=ED=95=84=EC=9A=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/zerock/config/SecurityConfig.java | 36 ++++++++++++++++++ .../zerock/config/SecurityInitializer.java | 7 ++++ .../java/org/zerock/config/WebConfig.java | 2 +- .../org/zerock/config/SecurityConfig.class | Bin 0 -> 4370 bytes .../zerock/config/SecurityInitializer.class | Bin 0 -> 384 bytes .../classes/org/zerock/config/WebConfig.class | Bin 2038 -> 2081 bytes 6 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 src/main/java/org/zerock/config/SecurityConfig.java create mode 100644 src/main/java/org/zerock/config/SecurityInitializer.java create mode 100644 target/classes/org/zerock/config/SecurityConfig.class create mode 100644 target/classes/org/zerock/config/SecurityInitializer.class diff --git a/src/main/java/org/zerock/config/SecurityConfig.java b/src/main/java/org/zerock/config/SecurityConfig.java new file mode 100644 index 0000000..dd576a1 --- /dev/null +++ b/src/main/java/org/zerock/config/SecurityConfig.java @@ -0,0 +1,36 @@ +package org.zerock.config; + +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +import lombok.extern.log4j.Log4j; + +@Configuration +@EnableWebSecurity +@Log4j +public class SecurityConfig extends WebSecurityConfigurerAdapter { + + @Override + public void configure(HttpSecurity http) throws Exception { + + http.authorizeRequests() + .antMatchers("/sample/all").permitAll() + .antMatchers("/sample/admin").access("hasRole('ROLE_ADMIN')") + .antMatchers("/sample/member").access("hasRole('ROLE_MEMBER')"); + + http.formLogin().loginPage("/customLogin").loginProcessingUrl("/login"); + + } + + @Override + public void configure(AuthenticationManagerBuilder auth) throws Exception { + + log.info("configure...................."); + auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("ADMIN"); + auth.inMemoryAuthentication().withUser("member").password("{noop}member").roles("MEMBER"); + } + +} diff --git a/src/main/java/org/zerock/config/SecurityInitializer.java b/src/main/java/org/zerock/config/SecurityInitializer.java new file mode 100644 index 0000000..ec3b97b --- /dev/null +++ b/src/main/java/org/zerock/config/SecurityInitializer.java @@ -0,0 +1,7 @@ +package org.zerock.config; + +import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer; + +public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer { + +} diff --git a/src/main/java/org/zerock/config/WebConfig.java b/src/main/java/org/zerock/config/WebConfig.java index 6431931..e45b785 100644 --- a/src/main/java/org/zerock/config/WebConfig.java +++ b/src/main/java/org/zerock/config/WebConfig.java @@ -12,7 +12,7 @@ public class WebConfig extends AbstractAnnotationConfigDispatcherServletInitiali @Override protected Class[] getRootConfigClasses() { - return new Class[] { RootConfig.class }; + return new Class[] { RootConfig.class, SecurityConfig.class }; } @Override diff --git a/target/classes/org/zerock/config/SecurityConfig.class b/target/classes/org/zerock/config/SecurityConfig.class new file mode 100644 index 0000000000000000000000000000000000000000..4c1c2dd5e5d477c262a605ee57b90c12c63ae829 GIT binary patch literal 4370 zcmd5zGp2Mmgmmdd1FdiW#0~$N21pRIs`7NQ9;SK-Ta(y7UiPnFBm~Qt~SqfT`x34 z+jEUYnTuP?ezj#r=2m{U>`OmAYnDRk3$#04Uf}6*wTxLZt%5Yza%kQd_wsq^4+&^T zEXQ{3@F)lO4@?VmjCiv$iFH_?fG)7*E>m@Ez(#@YybP<~5;)L5K5t$z4aaoz#)xAE z!O*~6SMG+u6FNH4C9rYacI8C5n3Mh)Gv`Qw)VODv&a~;<>OF4kIuZd*q8+_Do`goQ zVZjarc1O$Hi)~ukUEK!qBarEjW~`F=T-kPJr5_k4!?09ieMpg(99^>-b4IV^a-eN|@V<+2PyQgW-m%Ka)$taC&wN0&;z z3<4T;)_2nJ5|P(cJy?0#-o~IYmoBGR;OMN(+d=3r4<+!Nz@`QpQ=#&84SfRZjKD0G z9BG)2lf(e_C$LZ8<^yo^kU{G>fES3*bi<4pGG=`8+1G!e$-Ap&(7hX$P3GpM71Cfs z;PT@zqP8P)mV_rUh!=Idq}-vqB>kctrX5GaA%XREo@a};tKqP~=7JeyJxBKUWhci+ zFQt!X#wPj()Hhz!@jBiR=rS#fdoS=^b5PgKejN7wi)U##BCw%mTTv?Y&_EgMU1?lq zG;?e;tE}6Bw{)a&j10|revz_ey8_c|50n$NuQlRgNW*af-LT3*=v9|W;sj16@U}p9 zjr6rxPsbQe(J-pJ?VdLC)VRW<*tr%<)6{V~j7luFtBjn`F^SU@@hTXmK&2vXo^C2| z?NOjg=O{L&6{?VsZfIMPN}aGBDpJ#)Fkcj?+ybW_p87{TuW~wg=`hV`I4iKdE_Q=0ekyOz=y(t3Xshkcd5raD!efydm`>sXE++84fb|%_>-Yed z7@4-4kwwp6UTLVnjn&8CZ5-BFVcshF-W6M=E&7}>7B6`=kp6KQnzj?f#5OsG22-HZ zRQi~N1)0DsJ#}rwtO=2hIk0fk7VWU0kPCd@yp0d4!}m+ty~x_z)LHXQ4L0-THP`b> z*JBnJP)vaFe(Mpj*o5Ma{cHhIhZ_-EVpYl_dsYKwpfgH*Ni4wE5g=rX&#cI-_e1M! z|NpRsf_sI6TT6LM%rjN$Yb{sVTTOdZ0k!7>aor0nhrv>;EjZy#r>I<6IXST8g@XOUc8&nkLn=PsIl%|;i0h{kl`)S0sPNrXTszh7|w1qOSGm ziCWYrc+QKb8N92Bo%?>l=G&)ih^FY(0oa14IFP3piJx)vK<%TZSYUW#0R#ju8**u%X#%0pxW)^HuxFs|Vvf@;Tgj&H-q jxWRjpPoMDqDX*Knwz7W#pWzFR9Kpr^ik1TLD7c0WgcKnmAz2gzh5CG4%o4|EozDdLD=H)kK7fxx ztdS$7q?y~9UCqwz_s{1SfKzNo2n6=6%jKJKR?noi<&<(cHo9@-U$0B@qzdA0gizqN z9jz-zWj=LkZWh+fWZezRg~?h2Z(h6{Wwm!o`=!&p$wpOGkXD{-x#BA@I453nA<#QK znh1oK_QAyHVLd?~1A$>mrMYS5nQ?b2D~!NSYPBjR%2CTZG4zjA3ml~X`p%g^JhqL~ z=89U&-DS{~XeUqVSz!;HjL!vrMVp8*VkZAM&_Djb+B*vYV#c=3A~qP4u1>JYOkj&K G!0;CferA*a literal 0 HcmV?d00001 diff --git a/target/classes/org/zerock/config/WebConfig.class b/target/classes/org/zerock/config/WebConfig.class index 8cef2556850539d03c73f901d1b5b94cf2d53c7a..007d97d8e190e2675e2698a2decf57bc7faec88f 100644 GIT binary patch delta 495 zcmXX>OHUI~6#nj=I}fH~XeNyyw9@jhEkhZNP>Ujnm6w8u1#yH;)6`lYZ89k)8W;Qm zjX6sf#`p(x13`l9jT?W53wJEVW9a6d^F7XY&OPq@6t#c+{q`Ne7#@AK--x7%E`ek- ztog62VYBkguQVHv>ovbrt!#(&)+^c({i26Hi`B040@0`Cmu3HXxxt23SZ~xUBq<_S z#2{_Tf#?MR)e5((5o9oIB1>=OsODjWj^wl$r4yMI7b&X^TRB{Dprb&WTEfcUs)K8o zq#f6a@dXQ$K_oXl|?&DEDmX3sVv{zs9MI2=`9AcW{Q0LN~oIQsNxFGt#}i zh_h-kKh}=4)gclb*+;*O^mq#WZM_K#8vBMkcfcLmM_R+i0dj%s$8afz%kKCd^2^@H zJ|-w<<|nUXiYF61HH{m5mBI{ewzIYvNzRHNpcw37cFA++cCp~8T`ckXd-TyP^xa2^ V?GkHjlvu|Dt~N6nY#=Z?{sH>SSlj>r delta 458 zcmXYt%P(Vb6vw~6`*vNK=4vq7qV(ya>7Y6uV>&~<)vKjq(^Mm5rj<@dB9Vx_jhv0d zYBrNdY-|WZY;`fo{1I06Rw91H?mWKddp_siL0J^Yrs_!s5VNO;@cWk!S z$za>aY-K_}GWoU8e5tseU(?V)VIjeqX-{aW_Ap4L;_qA~dhZHFQuyY}G7u8;}v9J<+B45H;`_z4TXnkiIcQ4#IV`D>u~Z zh@nEmFoT?2h_^>y^AQ817^8bB;EiFzz$B(P=&xKUUMOaB!})Asm4kA!z;ZC9B0-v5 E7fat)wg3PC From 5dbd8af441a7db844f82519d30a677d9d6292221 Mon Sep 17 00:00:00 2001 From: EunJuOh33 Date: Mon, 22 Feb 2021 22:27:07 +0900 Subject: [PATCH 3/5] =?UTF-8?q?[#23]=20env=20:=20=EC=A7=80=EC=9A=B0?= =?UTF-8?q?=EA=B3=A0=20=EB=8B=A4=EC=8B=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .settings/org.eclipse.wst.common.component | 3 ++ pom.xml | 1 + .../org/zerock/config/SecurityConfig.java | 19 +++-------- .../controller/SecuritySampleController.java | 31 ++++++++++++++++++ src/main/webapp/WEB-INF/views/accessError.jsp | 22 +++++++++++++ .../WEB-INF/views/samplesecurity/admin.jsp | 12 +++++++ .../WEB-INF/views/samplesecurity/all.jsp | 13 ++++++++ .../WEB-INF/views/samplesecurity/member.jsp | 13 ++++++++ .../org/zerock/config/SecurityConfig.class | Bin 4370 -> 2266 bytes .../controller/SecuritySampleController.class | Bin 0 -> 1229 bytes .../org.zerock/controller/pom.properties | 2 +- .../maven/org.zerock/controller/pom.xml | 1 + 12 files changed, 101 insertions(+), 16 deletions(-) create mode 100644 src/main/java/org/zerock/controller/SecuritySampleController.java create mode 100644 src/main/webapp/WEB-INF/views/accessError.jsp create mode 100644 src/main/webapp/WEB-INF/views/samplesecurity/admin.jsp create mode 100644 src/main/webapp/WEB-INF/views/samplesecurity/all.jsp create mode 100644 src/main/webapp/WEB-INF/views/samplesecurity/member.jsp create mode 100644 target/classes/org/zerock/controller/SecuritySampleController.class diff --git a/.settings/org.eclipse.wst.common.component b/.settings/org.eclipse.wst.common.component index 0b6634e..547abdf 100644 --- a/.settings/org.eclipse.wst.common.component +++ b/.settings/org.eclipse.wst.common.component @@ -34,6 +34,9 @@ + + uses + diff --git a/pom.xml b/pom.xml index c57b603..a714b9c 100644 --- a/pom.xml +++ b/pom.xml @@ -65,6 +65,7 @@ spring-security-core 5.0.6.RELEASE + org.springframework.security spring-security-taglibs diff --git a/src/main/java/org/zerock/config/SecurityConfig.java b/src/main/java/org/zerock/config/SecurityConfig.java index dd576a1..a7064b7 100644 --- a/src/main/java/org/zerock/config/SecurityConfig.java +++ b/src/main/java/org/zerock/config/SecurityConfig.java @@ -1,7 +1,6 @@ package org.zerock.config; import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; @@ -12,25 +11,15 @@ @EnableWebSecurity @Log4j public class SecurityConfig extends WebSecurityConfigurerAdapter { - + @Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests() - .antMatchers("/sample/all").permitAll() - .antMatchers("/sample/admin").access("hasRole('ROLE_ADMIN')") - .antMatchers("/sample/member").access("hasRole('ROLE_MEMBER')"); - - http.formLogin().loginPage("/customLogin").loginProcessingUrl("/login"); - - } - - @Override - public void configure(AuthenticationManagerBuilder auth) throws Exception { + .antMatchers("/samplesecurity/all").permitAll() + .antMatchers("/samplesecurity/admin").access("hasRole('ROLE_ADMIN')") + .antMatchers("/samplesecurity/member").access("hasRole('ROLE_MEMBER')"); - log.info("configure...................."); - auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("ADMIN"); - auth.inMemoryAuthentication().withUser("member").password("{noop}member").roles("MEMBER"); } } diff --git a/src/main/java/org/zerock/controller/SecuritySampleController.java b/src/main/java/org/zerock/controller/SecuritySampleController.java new file mode 100644 index 0000000..8379183 --- /dev/null +++ b/src/main/java/org/zerock/controller/SecuritySampleController.java @@ -0,0 +1,31 @@ +package org.zerock.controller; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; + +import lombok.extern.log4j.Log4j; + +@Controller +@RequestMapping("/samplesecurity/*") +@Log4j +public class SecuritySampleController { + +/* Spring Security 연습 */ + + @GetMapping("/all") + public void doAll() { + log.info("do all can access everybody"); + } + + @GetMapping("/member") + public void doMember() { + log.info("logined member"); + } + + @GetMapping("/admin") + public void doAdmin() { + log.info("admin only"); + } + +} diff --git a/src/main/webapp/WEB-INF/views/accessError.jsp b/src/main/webapp/WEB-INF/views/accessError.jsp new file mode 100644 index 0000000..6c6d102 --- /dev/null +++ b/src/main/webapp/WEB-INF/views/accessError.jsp @@ -0,0 +1,22 @@ +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8"%> + +<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> +<%@ taglib uri="http://www.springframework.org/security/tags" prefix="sec" %> +<%@ page import="java.util.*" %> + + + + + + +Insert title here + + +

Access Denied Page

+ +

+ +

+ + \ No newline at end of file diff --git a/src/main/webapp/WEB-INF/views/samplesecurity/admin.jsp b/src/main/webapp/WEB-INF/views/samplesecurity/admin.jsp new file mode 100644 index 0000000..b2f7983 --- /dev/null +++ b/src/main/webapp/WEB-INF/views/samplesecurity/admin.jsp @@ -0,0 +1,12 @@ +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8"%> + + + + +Insert title here + + +

/sample/admin page

+ + \ No newline at end of file diff --git a/src/main/webapp/WEB-INF/views/samplesecurity/all.jsp b/src/main/webapp/WEB-INF/views/samplesecurity/all.jsp new file mode 100644 index 0000000..fcf7d7d --- /dev/null +++ b/src/main/webapp/WEB-INF/views/samplesecurity/all.jsp @@ -0,0 +1,13 @@ +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8"%> + + + + + +Insert title here + + +

/sample/all page

+ + \ No newline at end of file diff --git a/src/main/webapp/WEB-INF/views/samplesecurity/member.jsp b/src/main/webapp/WEB-INF/views/samplesecurity/member.jsp new file mode 100644 index 0000000..cc55de6 --- /dev/null +++ b/src/main/webapp/WEB-INF/views/samplesecurity/member.jsp @@ -0,0 +1,13 @@ +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8"%> + + + + + +Insert title here + + +

/sample/member page

+ + \ No newline at end of file diff --git a/target/classes/org/zerock/config/SecurityConfig.class b/target/classes/org/zerock/config/SecurityConfig.class index 4c1c2dd5e5d477c262a605ee57b90c12c63ae829..5b0527f85a34ad59c72327fd2b3f6482d850420f 100644 GIT binary patch delta 263 zcmbQFbW4!y)W2Q(7#J8#7`!)fsWS@*>lY{H7UZNBrzV#cWtLQKwq#CV6c9xdoxG6c zihvlpU@faM7b62pMoCElBZJrE^^9JVS$H3?crY>~Pj29~o_vl;WAaTt7e?mEa{PLX zJd=I-jTm_+H}Gq6wlJ_VFacfRFnJTdef~xui-|!9NQwc)8GtM<24Myn1`!4W22lok z25}${BnQ?3zGp2Mmgmmdd1FdiW#0~$N21pRIs`7NQ9;SK-Ta(y7UiPnFBm~Qt~SqfT`x34 z+jEUYnTuP?ezj#r=2m{U>`OmAYnDRk3$#04Uf}6*wTxLZt%5Yza%kQd_wsq^4+&^T zEXQ{3@F)lO4@?VmjCiv$iFH_?fG)7*E>m@Ez(#@YybP<~5;)L5K5t$z4aaoz#)xAE z!O*~6SMG+u6FNH4C9rYacI8C5n3Mh)Gv`Qw)VODv&a~;<>OF4kIuZd*q8+_Do`goQ zVZjarc1O$Hi)~ukUEK!qBarEjW~`F=T-kPJr5_k4!?09ieMpg(99^>-b4IV^a-eN|@V<+2PyQgW-m%Ka)$taC&wN0&;z z3<4T;)_2nJ5|P(cJy?0#-o~IYmoBGR;OMN(+d=3r4<+!Nz@`QpQ=#&84SfRZjKD0G z9BG)2lf(e_C$LZ8<^yo^kU{G>fES3*bi<4pGG=`8+1G!e$-Ap&(7hX$P3GpM71Cfs z;PT@zqP8P)mV_rUh!=Idq}-vqB>kctrX5GaA%XREo@a};tKqP~=7JeyJxBKUWhci+ zFQt!X#wPj()Hhz!@jBiR=rS#fdoS=^b5PgKejN7wi)U##BCw%mTTv?Y&_EgMU1?lq zG;?e;tE}6Bw{)a&j10|revz_ey8_c|50n$NuQlRgNW*af-LT3*=v9|W;sj16@U}p9 zjr6rxPsbQe(J-pJ?VdLC)VRW<*tr%<)6{V~j7luFtBjn`F^SU@@hTXmK&2vXo^C2| z?NOjg=O{L&6{?VsZfIMPN}aGBDpJ#)Fkcj?+ybW_p87{TuW~wg=`hV`I4iKdE_Q=0ekyOz=y(t3Xshkcd5raD!efydm`>sXE++84fb|%_>-Yed z7@4-4kwwp6UTLVnjn&8CZ5-BFVcshF-W6M=E&7}>7B6`=kp6KQnzj?f#5OsG22-HZ zRQi~N1)0DsJ#}rwtO=2hIk0fk7VWU0kPCd@yp0d4!}m+ty~x_z)LHXQ4L0-THP`b> z*JBnJP)vaFe(Mpj*o5Ma{cHhIhZ_-EVpYl_dsYKwpfgH*Ni4wE5g=rX&#cI-_e1M! z|NpRsf_sI6TT6LM%rjN$Yb{sVTTOdZ0k!7>aor0nhrv>;EjZy#r>I<6IXST8g@XOUc8&nkLn=PsIl%|;i0h{kl`)S0sPNrXTszh7|w1qOSGm ziCWYrc+QKb8N92Bo%?>l=G&)ih^FY(0oa14IFP3piJx)vK<%TZSYUW#0R#ju8**u%X#%0pxW)^HuxFs|Vvf@;Tgj&H-q jxWRjpPoMDqDX*Knwz7W#pWzFR9Kc3JG zHGc31_@j)oR{}(?iA}CIvorJT%rnpZ{`2z}fOWj6qQtOjY|KANYr+#Ank2JEYiaqu z40~2({e98tYPo$8sA801@>rY-u0;~_-S)8zGlmguVum{{hbForJd&JF){lA1#Idv+ z4Blp_Rid)jl)TtHU>Mytk*s43H>&U%W`>md7{>%dEtc5;i(zH4b=kqT7HPWC9C~vN z3{yVJs4z^lR3hK?I&Ep+i?)^wjg|?8J`h$p|NOABnKxR;2yXkh1&^A|j#SF9mS6M# zbkW@9$ZTm%-0by|Om*aeN)=tTl_Vw;nKB8%uII36*Qz8ww4x)=j6LCJvd!BniMY7P z& z^Cc{hP)6v>V7TklLRJ|bs`QZh$ZOKu{b~*N1NE<%{7g;>4f?O-p)uUdPaFh^=Ddv4 z+ZC3VzGM2|5_)kCzm4fVD4}Y~25b;1aY> zAy7vi!Ma`sz_knD$3uXhTnBzy06atGvxUHmLx7vtftLz^=cs(X0Jww|nxcf~IT;PI MR>^ma4hUKM3w9U|7XSbN literal 0 HcmV?d00001 diff --git a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties index 5b57031..85b4c55 100644 --- a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties +++ b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.properties @@ -1,5 +1,5 @@ #Generated by Maven Integration for Eclipse -#Mon Feb 22 16:41:52 KST 2021 +#Mon Feb 22 21:44:32 KST 2021 m2e.projectLocation=D\:\\workspace\\ex03 m2e.projectName=ex03 groupId=org.zerock diff --git a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml index c57b603..a714b9c 100644 --- a/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml +++ b/target/m2e-wtp/web-resources/META-INF/maven/org.zerock/controller/pom.xml @@ -65,6 +65,7 @@ spring-security-core 5.0.6.RELEASE
+ org.springframework.security spring-security-taglibs From cc42550956eebc1ad28ea12f34e7dfcd3b863cb9 Mon Sep 17 00:00:00 2001 From: EunJuOh33 Date: Mon, 22 Feb 2021 23:31:42 +0900 Subject: [PATCH 4/5] =?UTF-8?q?[#23]=20env/front=20:=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=ED=8E=98=EC=9D=B4=EC=A7=80=EB=B7=B0=20=EC=9E=91?= =?UTF-8?q?=EC=84=B1,=20member=EB=82=98=20admin=20=ED=8E=98=EC=9D=B4?= =?UTF-8?q?=EC=A7=80=20=EC=A0=91=EA=B7=BC=20=EC=8B=9C=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=ED=8E=98=EC=9D=B4=EC=A7=80=EB=A1=9C=20=EC=9D=B4?= =?UTF-8?q?=EB=8F=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/zerock/config/SecurityConfig.java | 10 +++++ .../controller/SecurityCommonController.java | 36 ++++++++++++++++++ src/main/webapp/WEB-INF/views/customLogin.jsp | 35 +++++++++++++++++ .../org/zerock/config/SecurityConfig.class | Bin 2266 -> 4394 bytes .../controller/SecurityCommonController.class | Bin 0 -> 1966 bytes 5 files changed, 81 insertions(+) create mode 100644 src/main/java/org/zerock/controller/SecurityCommonController.java create mode 100644 src/main/webapp/WEB-INF/views/customLogin.jsp create mode 100644 target/classes/org/zerock/controller/SecurityCommonController.class diff --git a/src/main/java/org/zerock/config/SecurityConfig.java b/src/main/java/org/zerock/config/SecurityConfig.java index a7064b7..ed7a63d 100644 --- a/src/main/java/org/zerock/config/SecurityConfig.java +++ b/src/main/java/org/zerock/config/SecurityConfig.java @@ -1,6 +1,7 @@ package org.zerock.config; import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; @@ -20,6 +21,15 @@ public void configure(HttpSecurity http) throws Exception { .antMatchers("/samplesecurity/admin").access("hasRole('ROLE_ADMIN')") .antMatchers("/samplesecurity/member").access("hasRole('ROLE_MEMBER')"); + http.formLogin().loginPage("/customLogin").loginProcessingUrl("/login"); + + } + + @Override + public void configure(AuthenticationManagerBuilder auth) throws Exception { + log.info("configure...................."); + auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("ADMIN"); + auth.inMemoryAuthentication().withUser("member").password("{noop}member").roles("MEMBER"); } } diff --git a/src/main/java/org/zerock/controller/SecurityCommonController.java b/src/main/java/org/zerock/controller/SecurityCommonController.java new file mode 100644 index 0000000..f1ad2da --- /dev/null +++ b/src/main/java/org/zerock/controller/SecurityCommonController.java @@ -0,0 +1,36 @@ +package org.zerock.controller; + +import org.springframework.security.core.Authentication; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.GetMapping; + +import lombok.extern.log4j.Log4j; + +@Controller +@Log4j +public class SecurityCommonController { + + @GetMapping("/accessError") + public void accessDenied(Authentication auth, Model model) { + log.info("access Denied : " + auth); + + model.addAttribute("msg", "Access Denied"); + } + + @GetMapping("/customLogin") + public void loginInput(String error, String logout, Model model) { + + log.info("error: " + error); + log.info("logout: " + logout); + + if(error != null) { + model.addAttribute("error", "Login Error Check Your Account"); + } + + if(logout != null) { + model.addAttribute("logout", "Logout!!"); + } + } + +} diff --git a/src/main/webapp/WEB-INF/views/customLogin.jsp b/src/main/webapp/WEB-INF/views/customLogin.jsp new file mode 100644 index 0000000..532c547 --- /dev/null +++ b/src/main/webapp/WEB-INF/views/customLogin.jsp @@ -0,0 +1,35 @@ +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8"%> + +<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> + + + + + + +Insert title here + + + +

Custom Login Page

+

+

+ +
+ +
+ +
+
+ +
+
+ +
+ + +
+ + + \ No newline at end of file diff --git a/target/classes/org/zerock/config/SecurityConfig.class b/target/classes/org/zerock/config/SecurityConfig.class index 5b0527f85a34ad59c72327fd2b3f6482d850420f..f7e20c226a0c509145f1e6f22ee177cd3f4e0c2f 100644 GIT binary patch literal 4394 zcmd5TUv@Kv474cHEh7zRMw3tFGAmS!HO}5?ahTRQqK}1pU z@(1*T{s?s@I?m|$*&pTjoZZc(Z9qx^%}lb{_uQWMIq&tazkmA!z)^e?Lz}=J$1UjB zrR(J9^}J)xngxAQ<}0r0FO3ARF?0xARfZY2Po`SRYcPCDMy|Syor%#jsPLr$I!0 zB!S)78^a!f(+_a#Ezj1l5BtfZQSpn8YhIUGd9@-vpOoC`54m5Xigk{tWqPsfO3$NG z=Upom9T8YvXu-+B7-E0%vDs!SsB0X()zg1-3NUnDmvc$I(ZQbk8W2Em=2r z!?F?>z@Zop3fz7Gjvg|24Ttf(zy`ziGloy!amj06|D`4?57nWWH#D5c&B?q^#dU$J zk3)&t&Bz%NpTHnq(D0%%i|(>?OQxT)tT>JeY+c3oOv$w4IL4u(;bk35_V;Bc#?n_( zCo`kteFJK*S2etb*9E$ae4e%-@LjW$*VTUD^b-FtvUMI#t`P;V(mRoD|UXe8uyf@Tde%;dBgd3uMP;4FiC2!^RqMHjn3vlY1U zC{U$x3_?cUS1uxL-^>Tm>y&9RQZ?NP^GJ~qUEs{a%L)O{YrIbt#v3s8ddOc6KV#Uu zNB2aSjF^7nI4`iX9{dJdd{jQ4*6BQb?EcWghxSZU@C!2xE#a#0{O=PUc(2t zLeDhqj4V0s(sD%wZmr!1S8!Noh54-PI@e5<&S-P`XmsRxPr4_iZrsKE{hEwfr>@jVjU1-$>j2AE2l%sq0t7`|M4@NU*xH8_o0>+Yq$ zz{XV66a=NGz^=x!R?PtRvgd1Ok1ViVHGcfpfjDCPvO?k80H5m9ofN+!@iVsk$d@)G z`P&r?ZA4EXQCqP8iH3|CX5A zD494^#jcLuao|FG^0~<>`v1gW6-Oe;OOYh`auu&cvZ0#n4a%mud^kB$MLPLT6`AP< zpzVRmJxCDy4s68{^kSHR#tBC0)f*lkfg}*Ti!9+OxRa~k-iqK3|AZ~cb5%_7+>6N% ztH>pbRm?@u974OQAYDvW)X+j>Xek(Kz)O+~U>9lKjs4hzH+f$TSi^N#!?=Nu2&x@7 oIlm1b;})L@{`-W_Px-yg?{<#Q<1>80nS;24ulO9`^J|EI09j#~rT_o{ delta 185 zcmZ3bbW4!y)W2Q(7#J8#7`!)ftz(_Mn>}o@9Pd3wkICmaj3(DJn@s-5=fcQ5*^FP0 zk!Nx$zY!zv$oGlEj3`{_M4wFyu+vjftvX~fzfTS2uoB_zZ*;T4A#*GWrjr-8b-)8UgWZyhDF)+4Rj zDgO!>QXVsW$6G83tLlzl^#UtmXWBX3fwGY}y+?5PzUvwF+G*mRF@3@ED zrjxBByCJ$=9#$BP9oP2)Pu?Np(n^aVQxhGY!#ozUFc~hN;c6m}3k-8zE|XXcJfYPJ`w0w6qi??#AM#%Eidw@j%pAHseK9a)>QXbyluC=pkq6yw)O)q z_nm&9fD!JQmyRD3L#CY+uos3R%)+8hjmU3GRmQ#8^E*5=aD%jwSX)WG*0zpM$E4L>)HU!4!$MW}aZuPiKEoGTe9mxH>2|W6!{(UShSor* zQavmdEuBPqAkrX|;&|Y9*mm$lQyb`tCS6X;5A%US<#&}AO2I8w2cu2h` zv?7+BW*L6}VON-d59dh^BdM@J7qNWPEItC6%dx^7wZz&K#qd>)?8WEGK zBkmWP(s7UJwhTr_u1V2ce&16=<=R=(b3;X9Ser_EBzee%eBI~vXx>&(r1_Pmfz9x) z8e+7{z(AHB8j7@Ap||?Y71*!H{fxyQX_G>M{%7^4dAzMpR0x`712>!A%5i4(4K7W( znA*im3~(9mkRc5jLXg6Hw9eD+Dm~Y}2aB+*aU2pZh4aQwSo{OmpBIX6aC7YhADm$I z1RLeT?ZVb?_%w}YqilKYv4|ytTcn%{sFg$+WTkl6!IzXvt?uA1Az=6l)u~ACX(Yc8 zk__3`he&D(lD!1U@bqgsEuUa;y7m|H>xD;!MuM@dw~q_oj3B2qr^`e=h>#_sqfBIM z5)l=eK6eTDBZ8<(SWVKOmQY6>Pjm@&9MCGI!0BSrXwo`^R3%TRPidXPcba0=yB6>- DpyKwU literal 0 HcmV?d00001 From 677b60b3836fc6b71be0520b5f9d8358085cb6a4 Mon Sep 17 00:00:00 2001 From: EunJuOh33 Date: Mon, 1 Mar 2021 23:33:39 +0900 Subject: [PATCH 5/5] =?UTF-8?q?[#23]=20feat/env=20:=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=EC=84=B1=EA=B3=B5=EC=8B=9C=20-=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=EC=9E=90=EC=9D=98=20=EA=B6=8C=ED=95=9C=EC=97=90=20?= =?UTF-8?q?=EB=94=B0=EB=9D=BC=20=ED=8E=98=EC=9D=B4=EC=A7=80=20=EC=9D=B4?= =?UTF-8?q?=EB=8F=99=20=EC=B2=98=EB=A6=AC=20=EC=84=A4=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/zerock/config/SecurityConfig.java | 24 ++++++--- .../security/CustomLoginSuccessHandler.java | 47 ++++++++++++++++++ .../org/zerock/config/SecurityConfig.class | Bin 4394 -> 4912 bytes .../security/CustomLoginSuccessHandler.class | Bin 0 -> 3065 bytes .../org.zerock/controller/pom.properties | 2 +- 5 files changed, 64 insertions(+), 9 deletions(-) create mode 100644 src/main/java/org/zerock/security/CustomLoginSuccessHandler.java create mode 100644 target/classes/org/zerock/security/CustomLoginSuccessHandler.class diff --git a/src/main/java/org/zerock/config/SecurityConfig.java b/src/main/java/org/zerock/config/SecurityConfig.java index ed7a63d..1a5d180 100644 --- a/src/main/java/org/zerock/config/SecurityConfig.java +++ b/src/main/java/org/zerock/config/SecurityConfig.java @@ -1,10 +1,13 @@ package org.zerock.config; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.zerock.security.CustomLoginSuccessHandler; import lombok.extern.log4j.Log4j; @@ -13,6 +16,18 @@ @Log4j public class SecurityConfig extends WebSecurityConfigurerAdapter { + @Override + public void configure(AuthenticationManagerBuilder auth) throws Exception { + log.info("configure...................."); + auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("ADMIN"); + auth.inMemoryAuthentication().withUser("member").password("{noop}member").roles("MEMBER"); + } + + @Bean + public AuthenticationSuccessHandler loginSuccessHandler() { + return new CustomLoginSuccessHandler(); + } + @Override public void configure(HttpSecurity http) throws Exception { @@ -21,15 +36,8 @@ public void configure(HttpSecurity http) throws Exception { .antMatchers("/samplesecurity/admin").access("hasRole('ROLE_ADMIN')") .antMatchers("/samplesecurity/member").access("hasRole('ROLE_MEMBER')"); - http.formLogin().loginPage("/customLogin").loginProcessingUrl("/login"); + http.formLogin().loginPage("/customLogin").loginProcessingUrl("/login").successHandler(loginSuccessHandler()); } - @Override - public void configure(AuthenticationManagerBuilder auth) throws Exception { - log.info("configure...................."); - auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("ADMIN"); - auth.inMemoryAuthentication().withUser("member").password("{noop}member").roles("MEMBER"); - } - } diff --git a/src/main/java/org/zerock/security/CustomLoginSuccessHandler.java b/src/main/java/org/zerock/security/CustomLoginSuccessHandler.java new file mode 100644 index 0000000..a818970 --- /dev/null +++ b/src/main/java/org/zerock/security/CustomLoginSuccessHandler.java @@ -0,0 +1,47 @@ +package org.zerock.security; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.security.core.Authentication; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; + +import lombok.extern.log4j.Log4j; + +@Log4j +public class CustomLoginSuccessHandler implements AuthenticationSuccessHandler { + + @Override + public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication auth) throws IOException, ServletException { + + log.warn("Login Success"); + + List roleNames = new ArrayList<>(); + + auth.getAuthorities().forEach(authority -> { + roleNames.add(authority.getAuthority()); + }); + + log.warn("ROLE NAMES: " + roleNames); + + /* 사용자가 가진 모든 권한을 문자열로 체크 */ + + if(roleNames.contains("ROLE_ADMIN")) { // "ROLE_ADMIN" 권한을 가졌다면 로그인 후 바로 /samplesecurity/admin 페이지로 이동 + response.sendRedirect("/samplesecurity/admin"); + return; + } + + if(roleNames.contains("ROLE_MEMBER")) { + response.sendRedirect("/samplesecurity/member"); + return; + } + + response.sendRedirect("/"); + } + +} diff --git a/target/classes/org/zerock/config/SecurityConfig.class b/target/classes/org/zerock/config/SecurityConfig.class index f7e20c226a0c509145f1e6f22ee177cd3f4e0c2f..43bb2e0759a1247840b205c8b94e498ae2c7c3d0 100644 GIT binary patch delta 1251 zcmb7ETW=dh6#m9*d)J%IrB2AjP18%#G-*k<4M`vkBsdL_mZX%LHg&m#jk7qL+H2Qq zH#j923iQIgoPv;0RUr^a6%y^sRw@EjJo13lCmulJH}H&vIO}X03Qw#wGdtgRX6Bsl zoSAFeu6L_H{dMaH00a2shWdq|4T?p7if&24W?E6Y!do?LLnnQ$Yz=S64jJ9_v$7!d zpqGXtSDJPSgpB#DWvl3eE@QXA8M>p4l3mkA-$uGZ8unl>Evnzd9uTNGW9M@D6@S4X z9+WX8aL!+FaQGqY6;Seq<1FP0^D_1cG%OmY4LxJnX+2RaSaw>$!+d6ZV*0=#6@wVn zFos9z*P3ga#|6S!GdpJ%6if(ctB0*2kJFdha!X?-m$vLgDU~uEXVS3eGiE{HFx?4l z*|TKM=|-uzVA@41WfZNPt;g?~-n(ps#%enPeN*gx6FIeww+ssEm@Vj9f?(>>l+I{hx%Yg8P;GcpnalRnnQN*={ADhIA` zYL1gGwMI_hIT_CioUPhaq@&XFc!7SA_61)QIOT(bR1Vg+%wkSM3daN@d9#qUit$WF zfk{_`F_ETQ!I&}&OT!{g(r>}9Hf05xb;ro&Gv;0Y*M!W`)zC)e2u^7zz@Z;Q>DCgf zt*6%GQ?Z1yjF%}Mo{^ThB0dY3n^rhIdR2apu4s4-uTzgqJ5>n0q2T}ydc<2A&f&a3 zo%63G-K^@f>HnwcQXo#3X(wxY)AGMOSpEi~FPfE(U_%V>l^AM-na`nW<87kJ`UZJyxY| z@cjxP%6$|;?(c(wW^|$jqi97VBhAc%E4hW|-ZzFPFv+?IPZs8$1S$ygbc)Fcw|)i% zkIHwLPTs^**ZF_-2+s;=uWqZY+W6ZFwBayYZDc;kOnY^w&k1`6^BuVMkg77ljEM^(3Ne|5QRCW$i5vfbi3>OW02AW{i!7YUz2BX4zB%W7$z8Lr6ic6ezx@E9 z2KUyb=ZwAy?UZS-TO<^qNI)S&Gp#WveNN6!kWma9Es4wZ0(LT_j;fQYQ&WRJXICuZ z5BfxuGNe1BY9Oq6qu!y3h(9*%R5eXPIVuF~Vp!Z1b4j)IDzVU5iQV)ivEJll7>^T; z-45)LQ4JeIV%QrA_+t&4CZdMH`k(S}z#kM*$EguD+8NTkWu=`Rtxf$6jcqOMrR5SF z*e~M%>glWWf*qoHOD=QKQ%kN`fFm**aFpIze7TJbvU6x68VdzlLq2~{!f`YUIKj{v zPnAmZvenpvlk`}g&S+&YJGHIOb{QQwO~pw>kCJ<6mHCY#&XU_uV)n>5hhFjR#=^d@1YV3Owzcmspph=?nE*1vjN z$PCSyXXr<=jrxT=R!6Uym24?X>?WPCvX5}+sEQ+d+Z7SM^0M#Vb20yJ-nN z@PTjtfIkDB0Shz!0LP!?IG($^CFz6m$V{@?bMJY5=R4=#zyEvi7l2XxsvyQNY`Zn> zmT+x-QS*e}a1FnyYTwWK;w%cZLS1A`YC5_!8SQrM0i3c48f%78XeRgu9?hR&MsLt6|(1I1QO zd6RoyZt$_5JHhaR3I$1q9Yw|hHl~6DvZZw4F=YnLn+U7a7 z<%!(ZCDmjuQ79N(b=>d`Q=4#I-YgoPpTYpT(-^`D1;Y#{ zw(o{K(5~dZD zsWL5qB(N&p#|LCjw=JI=7FB9f!dywBLQ9&*>y9ZN%|TwR8&(=0;*tVl_EBlOMc9q) z750sak0em4M+S?{nen~SL}wXi?fD2XAV5}j6NY* zN|l(jZQt`r}me8XC@7ll>~Af=6bj_bbdHdTCqFNv}BmWbh> z_I{2uL*wD~!0Rj8_F}^c518WX2tMD zZbt{28T6;^}CcSJ@e;sNn|mkY}m95BtgROM&4S4xm^1XDY?Bjb!!T zk?~rc6epnXY5US70)N;6@CWB-ZgD^i;6AkM249+wks!j|N#- mbw&D-B#tH0jbRx#=_$jwO_sjGxA+d