[Spring] Spring Security 적용

[Spring] Spring Security 적용

작성일자 : 2018년 10월 17일

환경 : Spring Framework 3.1.1, Spring Security 3.1.3

목표 : 최소한의 설정으로 기본 로그인 기능을 추가

1. pom.xml

<dependencies> ...                   <dependency>         <groupId>org.springframework.security</groupId>         <artifactId>spring-security-web</artifactId>         <version>3.1.3.RELEASE</version>     </dependency>          <dependency>         <groupId>org.springframework.security</groupId>         <artifactId>spring-security-config</artifactId>         <version>3.1.3.RELEASE</version>     </dependency> ... </dependencies>

의존성 추가

2. web.xml

<web-app> ... <context-param> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/spring/root-context.xml /WEB-INF/spring/security-context.xml </param-value> </context-param>  .. .. <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> ... </web-app>

모든 경로에 filter 추가, context 등록

3. security-context.xml

<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security"   xmlns:beans="http://www.springframework.org/schema/beans"   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   xsi:schemaLocation="http://www.springframework.org/schema/beans            http://www.springframework.org/schema/beans/spring-beans-3.1.xsd            http://www.springframework.org/schema/security            http://www.springframework.org/schema/security/spring-security-3.1.xsd">                  <http auto-config='true'>         <intercept-url pattern="/**" access="ROLE_USER" />     </http>             <authentication-manager>         <authentication-provider>             <user-service>                 <user name="guest" password="guest" authorities="ROLE_USER"/>                 </user-service>         </authentication-provider>     </authentication-manager> </beans:beans>

2.에서 추가한 context 경로에 생성

4. 확인

어떤 경로로 접근 하건 기본 로그인 페이지 확인 가능

3. 에서 설정한 guest / guest 로 로그인 가능

+++

Spring과 Spring Security 버전에 따라 오류 발생 가능

참고

http://yakolla.tistory.com/48