mindol1004/spring-security-study
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

스프링 시큐리티 기본 설정 및 테스트

Browse Source
This commit is contained in:
Daeil Choi
2023-01-19 14:58:29 +09:00
parent 4f6813dfe5
commit e10762afc8
8 changed files with 205 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/main/java/com/example/springsecuritystudy/HomeController.java Normal file
View File

@@ -0,0 +1,19 @@
package com.example.springsecuritystudy;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class HomeController {
@GetMapping("/user")
public String user() {
return "user";
}
@GetMapping("/admin")
public String admin() {
return "admin";
}
}

47
src/main/java/com/example/springsecuritystudy/SecurityConfig.java Normal file
View File

@@ -0,0 +1,47 @@
package com.example.springsecuritystudy;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
@EnableWebSecurity
public class SecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(authorize -> authorize
.antMatchers("/user").hasRole("USER")
.antMatchers("/admin").hasRole("ADMIN")
.anyRequest().authenticated()
)
.httpBasic(Customizer.withDefaults())
.formLogin(Customizer.withDefaults())
.logout()
.logoutSuccessUrl("/login")
;
return http.build();
}
@Bean
public UserDetailsService users() {
User.UserBuilder users = User.withDefaultPasswordEncoder();
UserDetails user = users
.username("user")
.password("user")
.roles("USER")
.build();
UserDetails admin = users
.username("admin")
.password("admin")
.roles("ADMIN")
.build();
return new InMemoryUserDetailsManager(user, admin);
}
}