의미모르는 코드삭제하고 다시추가해보기.. 패스워드 인코딩 로직들 다 지웠다.

2020-02-10 11:29:07 +09:00
parent bba28d9345
commit 39a1fa55fb
5 changed files with 29 additions and 84 deletions
--- a/boot_gradle_security/src/main/java/com/boot/test1/config/SecurityConfig.java
+++ b/boot_gradle_security/src/main/java/com/boot/test1/config/SecurityConfig.java
@@ -1,11 +1,8 @@
 package com.boot.test1.config;

-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.factory.PasswordEncoderFactories;
-import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter{
@@ -32,14 +29,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter{
 			 	.logoutSuccessUrl("/")
 			 	.and()
 			 .exceptionHandling()
-			 	.accessDeniedPage("/accessDenied_page")	
-			 	
-			 	;		
-	}
-	
-	@Bean
-	public PasswordEncoder passwordEncoder() {
-		return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+			 	.accessDeniedPage("/accessDenied_page");		
 	}
 	
 }
--- a/boot_gradle_security/src/main/java/com/boot/test1/controller/AccountController.java
+++ b/boot_gradle_security/src/main/java/com/boot/test1/controller/AccountController.java
@@ -2,8 +2,9 @@ package com.boot.test1.controller;

 import javax.servlet.http.HttpServletRequest;

+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.ComponentScan;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -25,7 +26,9 @@ public class AccountController {
 	@Autowired
 	AccountMapper accountMapper;
 	
-	// ADMIN 계정 부여
+	Logger log = LoggerFactory.getLogger(this.getClass());
+	
+	// ADMIN 계정 부여, 수동으로 계정등록.. 계정정보 하드코딩해서..
 	@RequestMapping("/create")
 	public Account create() {
 		
@@ -40,7 +43,7 @@ public class AccountController {
 		authority.setUserName(adminId);
 		authority.setAuthorityName("ROLE_ADMIN");
 		
-		accountService.save(account, authority);
+		// accountService.save(account, authority);
 		
 		return account;
 	}
@@ -49,7 +52,7 @@ public class AccountController {
 	@RequestMapping(value = "/login", method=RequestMethod.GET )
 	public String login(Model model, HttpServletRequest req) {
 		
-		System.out.println("### /login 입니다 ");
+		log.info("### /login 입니다 ");
 		
 		model.addAttribute( "message", req.getServletContext() );
 		
--- a/boot_gradle_security/src/main/java/com/boot/test1/service/AccountService.java
+++ b/boot_gradle_security/src/main/java/com/boot/test1/service/AccountService.java
@@ -1,21 +1,15 @@
 package com.boot.test1.service;

-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;

 import com.boot.test1.repo.AccountRepository;
 import com.boot.test1.vo.Account;
-import com.boot.test1.vo.Authority;

@Service
 public class AccountService implements UserDetailsService{
@@ -23,51 +17,19 @@ public class AccountService implements UserDetailsService{
 	@Autowired
 	AccountRepository accounts;
 	
-	@Autowired
-	PasswordEncoder passwordEncoder;
+	Logger log = LoggerFactory.getLogger(this.getClass());

 	@Override
 	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
 		
-		System.out.println("############### loadUserByUsername ###############");
+		log.info("## loadUserByUsername ##");
 		
 		Account account = accounts.findById(username);
 		
 		if( account == null ) {
-			System.out.println("존재하지않는 ID 입니다.");
-			throw new UsernameNotFoundException(" 존재하지않는 ID 입니다.");
+			log.debug("## 계정정보가 존재하지 않습니다. ##");
+			throw new UsernameNotFoundException(username);
 		}
-		  
-		account.setAuthorities(getAuthorities(username));
-		
 		return account;
 	}
-	
-	public Account save(Account account, Authority authority) {
-		
-		account.setPassword(passwordEncoder.encode(account.getPassword()));
-		account.setAccountNonExpired(true);
-		account.setAccountNonLocked(true);
-		account.setCredentialsNonExpired(true);
-		account.setEnabled(true);
-
-		return accounts.save(account, authority);
-	}
-
-	private Collection<? extends GrantedAuthority> getAuthorities(String username) {
-		
-		List<String> string_authorities = accounts.findauthoritiesbyid(username);
-		
-		if( string_authorities == null ) {
-			System.out.println(" 해당 계정에지정된 권한이 존재하지 않습니다. ");
-			throw new UsernameNotFoundException(" 해당 계정에지정된 권한이 존재하지 않습니다. ");
-		}
-		
-		List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
-		
-		for ( String authority : string_authorities ) {
-			authorities.add(new SimpleGrantedAuthority(authority));
-		}
-		return authorities;
-	}
 }
--- a/boot_gradle_security/src/main/java/com/boot/test1/vo/Account.java
+++ b/boot_gradle_security/src/main/java/com/boot/test1/vo/Account.java
@@ -18,7 +18,6 @@ public class Account implements UserDetails{

 		@Override
 		public Collection<? extends GrantedAuthority> getAuthorities() {
-			// TODO Auto-generated method stub
 			return this.authorities;
 		}
 		
--- a/boot_gradle_security/src/main/webapp/WEB-INF/jsp/loginPage.jsp
+++ b/boot_gradle_security/src/main/webapp/WEB-INF/jsp/loginPage.jsp
@@ -1,22 +1,16 @@
-<%@ page language="java" contentType="text/html; charset=UTF-8"
-	pageEncoding="UTF-8"%>
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
 <!DOCTYPE html>

 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
-<%@ taglib prefix="sec"
-	uri="http://www.springframework.org/security/tags"%>
-<%@ page
-	import="org.springframework.security.core.context.SecurityContextHolder"%>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
+<%@ page import="org.springframework.security.core.context.SecurityContextHolder"%>
 <%@ page import="org.springframework.security.core.Authentication"%>

 <html>
 <head>
 <meta charset="UTF-8">
 <title>Insert title here</title>
-<link rel="stylesheet"
-	href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css"
-	integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh"
-	crossorigin="anonymous">
+<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">

 </head>
 <body>
@@ -29,40 +23,37 @@
 					<div class="card-body">
 						<form action='/loginProcess' method='POST'>
 							<div class="form-group">
-								<label for="InputId"> 아이디</label> <input type="text"
-									class="form-control" id="username" name="username"
-									placeholder="ID">
+								<label for="InputId"> 아이디</label><input type="text" class="form-control" id="username" name="username" placeholder="ID">
 							</div>
 							<div class="form-group">
-								<label for="InputPassword1">패스워드</label> <input type="password"
-									class="form-control" id="password" name="password"
-									placeholder="Password">
+								<label for="InputPassword1">패스워드</label> <input type="password" class="form-control" id="password" name="password" placeholder="Password">
 							</div>
 							<div class="checkbox">
 								<label> <input type="checkbox"> 아이디 기억하기
 								</label>
 							</div>
-							<button name="submit" type="submit"
-								class="btn btn-block btn-primary text-light">로그인</button>
+							<button name="submit" type="submit" class="btn btn-block btn-primary text-light">로그인</button>

 							<c:if test="${not empty SPRING_SECURITY_LAST_EXCEPTION}">
 								<font color="red">
 									<p>
-										Your login attempt was not successful due to <br />
-										${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
+										Your login attempt was not successful due to <br /> ${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
 									</p> <c:remove var="SPRING_SECURITY_LAST_EXCEPTION" scope="session" />
 								</font>
 							</c:if>
-							<input type="hidden" name="${_csrf.parameterName}"
-								value="${_csrf.token}" /> <br>
+							<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" /> <br>

 							<sec:authorize access="isAuthenticated()">
 								<div class="form-group" align="center">
-									<h5><sec:authentication property="principal.username" /> 님, 반갑습니다.</h5> <br>
+									<h5>
+										<sec:authentication property="principal.username" />
+										님, 반갑습니다.
+									</h5>
+									<br>
 									<sec:authorize access="isAuthenticated()">
 										<form action="/logout" method="POST">
 											<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
-											 <button type="submit" class="btn btn-dark btn-sm">LOGOUT</button>
+											<button type="submit" class="btn btn-dark btn-sm">LOGOUT</button>
 										</form>
 									</sec:authorize>
 								</div>