JianChoi-Kor
2022-07-17 23:06:44 +09:00
parent e9e22bb76e
commit 1cbacde795
5 changed files with 44 additions and 23 deletions


@@ -1,6 +1,5 @@
package com.security.basic.persistence.model;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
@@ -9,20 +8,21 @@ import javax.persistence.*;
import java.util.Collection;
@Entity
@NoArgsConstructor
@Getter
@Setter
@NoArgsConstructor
@Table(name = "privileges")
public class Privilege {
//고유값
@Id
@Column(unique = true, nullable = false)
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id", nullable = false)
private Long id;
private String name;
@ManyToMany(mappedBy = "privileges", fetch = FetchType.EAGER)
@ManyToMany(mappedBy = "privileges")
private Collection<Role> roles;
public Privilege(final String name) {


@@ -1,8 +1,6 @@
package com.security.basic.persistence.model;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import javax.persistence.*;
@@ -14,21 +12,24 @@ import java.util.Collection;
@Table(name = "roles")
public class Role {
//고유값
@Id
@Column(unique = true, nullable = false)
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id", nullable = false)
private Long id;
private String name;
@ManyToMany(mappedBy = "roles", fetch = FetchType.EAGER)
@ManyToMany(mappedBy = "roles")
private Collection<User> users;
@ManyToMany
@ManyToMany(fetch = FetchType.EAGER)
@JoinTable(
name = "roles_privileges",
joinColumns = @JoinColumn(name = "role_id", referencedColumnName = "id"),
inverseJoinColumns = @JoinColumn(name = "privilege_id", referencedColumnName = "id")
joinColumns = @JoinColumn(
name = "role_id", referencedColumnName = "id"),
inverseJoinColumns = @JoinColumn(
name = "privilege_id", referencedColumnName = "id")
)
private Collection<Privilege> privileges;


@@ -5,19 +5,19 @@ import lombok.*;
import javax.persistence.*;
import java.util.Collection;
@Entity
@Builder
@AllArgsConstructor
@NoArgsConstructor
@Getter
@Setter
@AllArgsConstructor
@NoArgsConstructor
@Table(name = "users")
public class User {
//고유값
@Id
@Column(unique = true, nullable = false)
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id", unique = true, nullable = false)
private Long id;
private String email;
@@ -27,8 +27,8 @@ public class User {
@ManyToMany(fetch = FetchType.EAGER)
@JoinTable(
name = "users_roles",
joinColumns = @JoinColumn(name = "user_id", referencedColumnName = "id"),
inverseJoinColumns = @JoinColumn(name = "role_id", referencedColumnName = "id")
joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "id")},
inverseJoinColumns = {@JoinColumn(name = "role_id", referencedColumnName = "id")}
)
private Collection<Role> roles;
}
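Review bot: The `id` mapping on `User` is written differently from the other two entities touched by this commit: here it appears to become `@Column(name = "id", unique = true, nullable = false)`, while `Privilege` and `Role` end up with `@Column(name = "id", nullable = false)`. Since the field is the `@Id`, `unique = true` adds nothing, so I would use the same form in all three, `@Column(name = "id", nullable = false)`. The `+`/`-` markers are lost on this page, so which of the two printed lines is the new one is inferred from the order used elsewhere in the diff.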


@@ -13,6 +13,7 @@ import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import javax.transaction.Transactional;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;


@@ -6,10 +6,13 @@ import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.session.HttpSessionEventPublisher;
@@ -39,12 +42,12 @@ public class WebSecurityConfigure {
//permitAll시 해당 url에 대한 인증 정보를 요구하지 않는다.
//authenticated시 해당 url에는 인증 정보를 요구한다.(로그인 필요)
//hasAnyRole시 해당 url에는 특정 권한 정보를 요구한다.
http
.authorizeRequests()
.antMatchers("/home").permitAll()
// http
// .authorizeRequests()
// .antMatchers("/home").permitAll()
// .antMatchers("/user").hasAnyRole("USER", "ADMIN")
// .antMatchers("/admin").hasAnyRole("ADMIN")
.anyRequest().authenticated();
// .anyRequest().authenticated();
http
.authorizeHttpRequests()
@@ -90,6 +93,22 @@ public class WebSecurityConfigure {
return new ServletListenerRegistrationBean(new HttpSessionEventPublisher());
}
@Bean
public RoleHierarchy roleHierarchy() {
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
String hierarchy = "ROLE_ADMIN > ROLE_USER";
roleHierarchy.setHierarchy(hierarchy);
return roleHierarchy;
}
@Bean
public DefaultWebSecurityExpressionHandler webSecurityExpressionHandler() {
DefaultWebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler();
expressionHandler.setRoleHierarchy(roleHierarchy());
return expressionHandler;
}
@Bean
public AuthenticationSuccessHandler successHandler() {
return new CustomAuthSuccessHandler();
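Review bot: The `ROLE_ADMIN > ROLE_USER` hierarchy is attached only to the `webSecurityExpressionHandler()` bean, which is consulted by expression-based authorization, yet the earlier hunk in this file comments out the `authorizeRequests()` chain and leaves `http.authorizeHttpRequests()` as the active one. Depending on the Spring Security version in use, the AuthorizationManager-based rules may never read this handler, in which case an admin would not inherit USER access; that fails closed, but the hierarchy would be dead configuration that a reader assumes is enforced. The matcher rules after `authorizeHttpRequests()` are outside the visible hunks, so please confirm with a test that an account holding only `ROLE_ADMIN` can reach a USER-only URL, and if it cannot, wire the `RoleHierarchy` into the authorization used by those rules. A one-line Javadoc on `roleHierarchy()` such as `/** ADMIN implies USER; used by the URL authorization rules. */` would make the intent explicit.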