{
    "componentChunkName": "component---src-templates-post-template-tsx",
    "path": "/20220430/springsecurity/",
    "result": {"data":{"allMarkdownRemark":{"edges":[{"node":{"html":"<h1>스프링 시큐리티(Spring Security)란?</h1>\n<p>Spring Security는 Spring 기반 애플리케이션의 보안을 담당하는 스프링 하위 프레임워크다.</p>\n<h1>왜 사용하는가 ??</h1>\n<p>Spring Security를 이용하면 “인증” 과 “권한”에 대해 쉽게 <STRIKE>나는 너무 어렵지만</STRIKE> 코드를 작성할 수 있도록 제공되기 때문에 사용한다.\r\n그렇다면 인증 과 권한에 대해 조금 알아보자.</p>\n<h1>인증(Authentication)</h1>\n<p>흔히 로그인 할때 거치는 본인이 맞는지 확인하는 절차이다.</p>\n<h1>권한(Role)</h1>\n<p>인증된 사용자가 자원(Resource)에 접근 가능한지 결정하는 절차를 인가(Authoriation)라고 하는데 인가 절차를 거친 후\r\n사용자가 갖게되는 접근 가능한 권한을 의미한다.</p>\n<h1>스프링 시큐리티 시작하기</h1>\n<h3>1.dependency 추가</h3>\n<p>maven</p>\n<div class=\"gatsby-highlight\" data-language=\"text\"><pre class=\"language-text\"><code class=\"language-text\">&lt;dependency>\r\n    &lt;groupId>org.springframework.boot&lt;/groupId>\r\n    &lt;artifactId>spring-boot-starter-security&lt;/artifactId>\r\n&lt;/dependency></code></pre></div>\n<p>Gradle</p>\n<div class=\"gatsby-highlight\" data-language=\"text\"><pre class=\"language-text\"><code class=\"language-text\">implementation 'org.springframework.boot:spring-boot-starter-security'</code></pre></div>\n<h3>2.기본 설정</h3>\n<p>WebSecurityConfig.java</p>\n<div class=\"gatsby-highlight\" data-language=\"java\"><pre class=\"language-java\"><code class=\"language-java\"><span class=\"token annotation punctuation\">@Configuration</span>\r\n<span class=\"token annotation punctuation\">@EnableWebSecurity</span>\r\n<span class=\"token annotation punctuation\">@RequiredArgsConstructor</span>\r\n<span class=\"token keyword\">public</span> <span class=\"token keyword\">class</span> <span class=\"token class-name\">WebSecurityConfig</span> <span class=\"token keyword\">extends</span> <span class=\"token class-name\">WebSecurityConfigurerAdapter</span> <span class=\"token punctuation\">{</span>\r\n    <span class=\"token keyword\">private</span> <span class=\"token keyword\">final</span> <span class=\"token class-name\">UserService</span> userService<span class=\"token 
punctuation\">;</span>\r\n\r\n    <span class=\"token annotation punctuation\">@Override</span>\r\n    <span class=\"token keyword\">public</span> <span class=\"token keyword\">void</span> <span class=\"token function\">configure</span><span class=\"token punctuation\">(</span><span class=\"token class-name\">WebSecurity</span> web<span class=\"token punctuation\">)</span> <span class=\"token keyword\">throws</span> <span class=\"token class-name\">Exception</span> <span class=\"token punctuation\">{</span>\r\n        <span class=\"token comment\">// Exclude these requests from authentication</span>\r\n        web<span class=\"token punctuation\">.</span><span class=\"token function\">ignoring</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">.</span><span class=\"token function\">antMatchers</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"/css/**\"</span><span class=\"token punctuation\">,</span> <span class=\"token string\">\"/img/**\"</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span>\r\n    <span class=\"token punctuation\">}</span>\r\n\r\n    <span class=\"token annotation punctuation\">@Override</span>\r\n    <span class=\"token keyword\">protected</span> <span class=\"token keyword\">void</span> <span class=\"token function\">configure</span><span class=\"token punctuation\">(</span><span class=\"token class-name\">HttpSecurity</span> http<span class=\"token punctuation\">)</span> <span class=\"token keyword\">throws</span> <span class=\"token class-name\">Exception</span> <span class=\"token punctuation\">{</span>\r\n        http<span class=\"token punctuation\">.</span><span class=\"token function\">authorizeRequests</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">.</span><span class=\"token function\">antMatchers</span><span class=\"token 
punctuation\">(</span><span class=\"token string\">\"/login\"</span><span class=\"token punctuation\">,</span> <span class=\"token string\">\"/signUp\"</span><span class=\"token punctuation\">,</span> <span class=\"token string\">\"/access_reject\"</span><span class=\"token punctuation\">,</span> <span class=\"token string\">\"/resources/**\"</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">.</span><span class=\"token function\">permitAll</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\r\n                <span class=\"token punctuation\">.</span><span class=\"token function\">antMatchers</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"/userAccess\"</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">.</span><span class=\"token function\">hasRole</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"USER\"</span><span class=\"token punctuation\">)</span>\r\n                <span class=\"token punctuation\">.</span><span class=\"token function\">antMatchers</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"/userAccess\"</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">.</span><span class=\"token function\">hasRole</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"ADMIN\"</span><span class=\"token punctuation\">)</span>\r\n                <span class=\"token punctuation\">.</span><span class=\"token function\">and</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\r\n            <span class=\"token punctuation\">.</span><span class=\"token function\">formLogin</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\r\n                <span class=\"token punctuation\">.</span><span class=\"token function\">loginPage</span><span class=\"token 
punctuation\">(</span><span class=\"token string\">\"/login\"</span><span class=\"token punctuation\">)</span>\r\n                <span class=\"token punctuation\">.</span><span class=\"token function\">loginProcessingUrl</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"/login_process\"</span><span class=\"token punctuation\">)</span>\r\n                <span class=\"token punctuation\">.</span><span class=\"token function\">successHandler</span><span class=\"token punctuation\">(</span><span class=\"token keyword\">new</span> <span class=\"token class-name\">LoginSuccessHandler</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">)</span>\r\n                <span class=\"token punctuation\">.</span><span class=\"token function\">and</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\r\n            <span class=\"token punctuation\">.</span><span class=\"token function\">cors</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">.</span><span class=\"token function\">disable</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\r\n            <span class=\"token punctuation\">.</span><span class=\"token function\">csrf</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">.</span><span class=\"token function\">disable</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span>\r\n    <span class=\"token punctuation\">}</span>\r\n<span class=\"token punctuation\">}</span></code></pre></div>\n<ul>\n<li>Declaring the @EnableWebSecurity annotation enables Spring Security.</li>\n<li>authorizeRequests() : sets access rules according to the HttpServletRequest request URL.</li>\n<li>antMatchers(“/userAccess”) : specifies the request URL path pattern. Rules are checked in the order they are declared and the first match applies, so the second /userAccess rule (ADMIN) in the configuration above is never reached; the controller in step 6 maps /user_access, which this pattern does not cover.</li>\n<li>permitAll() : allows access for all users</li>\n<li>hasRole(“USER”) : allows access if the user has the USER role</li>\n<li>hasRole(“ADMIN”) : allows access if the user has the ADMIN role</li>\n<li>formLogin() : configures form login</li>\n<li>loginPage(“/login”) : sets the custom login page path and the login path</li>\n<li>loginProcessingUrl(“/login_process”) : the path to which the login credentials are sent by POST (the default is /login)</li>\n<li>successHandler() : runs every time the form login provided by Spring Security succeeds (implements AuthenticationSuccessHandler)</li>\n<li>cors().disable() : CORS is not configured</li>\n<li>csrf().disable() : disables CSRF protection; for a session-based form login like this one it is normally left enabled, with the token included in the login form</li>\n</ul>\n<h3>3. Create the custom login page</h3>\n<p>login.jsp</p>\n<div class=\"gatsby-highlight\" data-language=\"html\"><pre class=\"language-html\"><code class=\"language-html\"><span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>html</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>head</span><span class=\"token punctuation\">></span></span>\r\n    <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>title</span><span class=\"token punctuation\">></span></span>로그인<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>title</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>head</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>body</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>div</span> <span class=\"token attr-name\">class</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>container<span class=\"token punctuation\">\"</span></span><span class=\"token 
punctuation\">></span></span>\r\n    <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>h1</span><span class=\"token punctuation\">></span></span>로그인<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>h1</span><span class=\"token punctuation\">></span></span>\r\n        <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>form</span> <span class=\"token attr-name\">action</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>/login_process<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">method</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>post<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>\r\n            <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>div</span> <span class=\"token attr-name\">class</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>form-group<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>\r\n                <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>label</span> <span class=\"token attr-name\">for</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>id<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>아이디<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>label</span><span class=\"token punctuation\">></span></span>\r\n                <span 
class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>input</span> <span class=\"token attr-name\">type</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>text<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">name</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>username<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">id</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>id<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">class</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>form-control<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">placeholder</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>아이디 입력해주세요<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>\r\n            <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>div</span><span class=\"token punctuation\">></span></span>\r\n            <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>div</span> <span class=\"token attr-name\">class</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>form-group<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>\r\n                <span class=\"token tag\"><span class=\"token tag\"><span class=\"token 
punctuation\">&lt;</span>label</span> <span class=\"token attr-name\">for</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>password<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>비밀번호<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>label</span><span class=\"token punctuation\">></span></span>\r\n                <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>input</span> <span class=\"token attr-name\">type</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>password<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">class</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>form-control<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">id</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>password<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">name</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>password<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">placeholder</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>비밀번호 입력해주세요<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>\r\n            <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>div</span><span class=\"token 
punctuation\">></span></span>\r\n            <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>button</span> <span class=\"token attr-name\">type</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>submit<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">class</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>btn btn-primary<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>로그인<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>button</span><span class=\"token punctuation\">></span></span>\r\n            <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>button</span> <span class=\"token attr-name\">type</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>button<span class=\"token punctuation\">\"</span></span> <span class=\"token attr-name\">class</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>btn btn-primary<span class=\"token punctuation\">\"</span></span> <span class=\"token special-attr\"><span class=\"token attr-name\">onClick</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span><span class=\"token value javascript language-javascript\">location<span class=\"token punctuation\">.</span>href<span class=\"token operator\">=</span><span class=\"token string\">'signUp'</span></span><span class=\"token punctuation\">\"</span></span></span><span class=\"token punctuation\">></span></span>회원가입<span class=\"token tag\"><span 
class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>button</span><span class=\"token punctuation\">></span></span>\r\n        <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>form</span><span class=\"token punctuation\">></span></span>\r\n    <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>br</span><span class=\"token punctuation\">/></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>div</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>body</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>html</span><span class=\"token punctuation\">></span></span></code></pre></div>\n<ul>\n<li>Because loginProcessingUrl(“/login_process”) is set in WebSecurityConfig.java, the form is submitted to that path by POST.</li>\n</ul>\n<h3>4. Create a UserService that implements UserDetailsService</h3>\n<p>UserService.java</p>\n<div class=\"gatsby-highlight\" data-language=\"java\"><pre class=\"language-java\"><code class=\"language-java\"><span class=\"token annotation punctuation\">@Service</span>\r\n<span class=\"token keyword\">public</span> <span class=\"token keyword\">class</span> <span class=\"token class-name\">UserService</span> <span class=\"token keyword\">implements</span> <span class=\"token class-name\">UserDetailsService</span> <span class=\"token punctuation\">{</span>\r\n\r\n    <span class=\"token annotation punctuation\">@Autowired</span>\r\n    <span class=\"token keyword\">private</span> <span class=\"token class-name\">UserMapper</span> userMapper<span class=\"token punctuation\">;</span>\r\n\r\n    <span class=\"token annotation punctuation\">@Override</span>\r\n    <span class=\"token keyword\">public</span> <span class=\"token class-name\">UserVO</span> <span class=\"token 
function\">loadUserByUsername</span><span class=\"token punctuation\">(</span><span class=\"token class-name\">String</span> username<span class=\"token punctuation\">)</span> <span class=\"token keyword\">throws</span> <span class=\"token class-name\">UsernameNotFoundException</span> <span class=\"token punctuation\">{</span>\r\n        <span class=\"token class-name\">UserVO</span> userVO <span class=\"token operator\">=</span> userMapper<span class=\"token punctuation\">.</span><span class=\"token function\">getUser</span><span class=\"token punctuation\">(</span>username<span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span> <span class=\"token comment\">// Fetch the user record from the DB and check that the user exists</span>\r\n\r\n        <span class=\"token keyword\">if</span><span class=\"token punctuation\">(</span>userVO <span class=\"token operator\">==</span> <span class=\"token keyword\">null</span><span class=\"token punctuation\">)</span> <span class=\"token punctuation\">{</span> \r\n            <span class=\"token keyword\">throw</span> <span class=\"token keyword\">new</span> <span class=\"token class-name\">UsernameNotFoundException</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"유저 정보 존재하지않음\"</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span>\r\n        <span class=\"token punctuation\">}</span>\r\n\r\n        <span class=\"token keyword\">return</span> userVO<span class=\"token punctuation\">;</span>\r\n    <span class=\"token punctuation\">}</span>\r\n<span class=\"token punctuation\">}</span></code></pre></div>\n<ul>\n<li>When /login_process is handled, Spring Security automatically calls loadUserByUsername on the bean registered in the IoC container as a UserDetailsService.</li>\n<li>The username parameter of loadUserByUsername receives the value of the login.jsp input, so that input's name=\"\" value must be username, the parameter name Spring Security reads by default.</li>\n</ul>\n<h3>5. 
Create a LoginSuccessHandler that implements AuthenticationSuccessHandler</h3>\n<p>LoginSuccessHandler.java</p>\n<div class=\"gatsby-highlight\" data-language=\"java\"><pre class=\"language-java\"><code class=\"language-java\"><span class=\"token keyword\">public</span> <span class=\"token keyword\">class</span> <span class=\"token class-name\">LoginSuccessHandler</span> <span class=\"token keyword\">implements</span> <span class=\"token class-name\">AuthenticationSuccessHandler</span> <span class=\"token punctuation\">{</span>\r\n    <span class=\"token annotation punctuation\">@Override</span>\r\n    <span class=\"token keyword\">public</span> <span class=\"token keyword\">void</span> <span class=\"token function\">onAuthenticationSuccess</span><span class=\"token punctuation\">(</span><span class=\"token class-name\">HttpServletRequest</span> request<span class=\"token punctuation\">,</span> <span class=\"token class-name\">HttpServletResponse</span> response<span class=\"token punctuation\">,</span> <span class=\"token class-name\">Authentication</span> authentication<span class=\"token punctuation\">)</span> <span class=\"token keyword\">throws</span> <span class=\"token class-name\">IOException</span> <span class=\"token punctuation\">{</span>\r\n        <span class=\"token class-name\">HttpSession</span> session <span class=\"token operator\">=</span> request<span class=\"token punctuation\">.</span><span class=\"token function\">getSession</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span>\r\n        session<span class=\"token punctuation\">.</span><span class=\"token function\">setAttribute</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"name\"</span><span class=\"token punctuation\">,</span> authentication<span class=\"token punctuation\">.</span><span class=\"token function\">getName</span><span 
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span>\r\n        response<span class=\"token punctuation\">.</span><span class=\"token function\">sendRedirect</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"/user_access\"</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span>\r\n    <span class=\"token punctuation\">}</span>\r\n<span class=\"token punctuation\">}</span></code></pre></div>\n<ul>\n<li>On successful login, redirects to /user_access</li>\n</ul>\n<h3>6. Create UserController</h3>\n<p>UserController.java</p>\n<div class=\"gatsby-highlight\" data-language=\"java\"><pre class=\"language-java\"><code class=\"language-java\"><span class=\"token annotation punctuation\">@Controller</span>\r\n<span class=\"token keyword\">public</span> <span class=\"token keyword\">class</span> <span class=\"token class-name\">UserController</span> <span class=\"token punctuation\">{</span>\r\n\r\n    <span class=\"token annotation punctuation\">@Autowired</span>\r\n    <span class=\"token class-name\">UserService</span> userService<span class=\"token punctuation\">;</span>\r\n\r\n    <span class=\"token annotation punctuation\">@GetMapping</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"/user_access\"</span><span class=\"token punctuation\">)</span>\r\n    <span class=\"token keyword\">public</span> <span class=\"token class-name\">String</span> <span class=\"token function\">userAccess</span><span class=\"token punctuation\">(</span><span class=\"token class-name\">Model</span> model<span class=\"token punctuation\">,</span> <span class=\"token class-name\">Authentication</span> authentication<span class=\"token punctuation\">)</span> <span class=\"token punctuation\">{</span>\r\n        <span class=\"token class-name\">UserVO</span> userVO <span class=\"token operator\">=</span> <span 
class=\"token punctuation\">(</span><span class=\"token class-name\">UserVO</span><span class=\"token punctuation\">)</span> authentication<span class=\"token punctuation\">.</span><span class=\"token function\">getPrincipal</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span> <span class=\"token comment\">// Get the currently logged-in user's information.</span>\r\n        model<span class=\"token punctuation\">.</span><span class=\"token function\">addAttribute</span><span class=\"token punctuation\">(</span><span class=\"token string\">\"userInfo\"</span><span class=\"token punctuation\">,</span> userVO<span class=\"token punctuation\">.</span><span class=\"token function\">getId</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span> <span class=\"token operator\">+</span> <span class=\"token string\">\"님의\"</span> <span class=\"token operator\">+</span> userVO<span class=\"token punctuation\">.</span><span class=\"token function\">getUserName</span><span class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span> <span class=\"token operator\">+</span> <span class=\"token string\">\"님\"</span><span class=\"token punctuation\">)</span><span class=\"token punctuation\">;</span>\r\n        <span class=\"token keyword\">return</span> <span class=\"token string\">\"user_access\"</span><span class=\"token punctuation\">;</span>\r\n    <span class=\"token punctuation\">}</span>\r\n<span class=\"token punctuation\">}</span></code></pre></div>\n<ul>\n<li>The authentication object holds the logged-in user's information (loaded from the DB).</li>\n<li>On successful login, the user ultimately lands on user_access.jsp.</li>\n</ul>\n<h3>7. Create user_access.jsp</h3>\n<p>user_access.jsp</p>\n<div class=\"gatsby-highlight\" data-language=\"html\"><pre class=\"language-html\"><code class=\"language-html\"><span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>html</span><span class=\"token 
punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>head</span><span class=\"token punctuation\">></span></span>\r\n    <span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>title</span><span class=\"token punctuation\">></span></span>main<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>title</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>head</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>body</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>h1</span><span class=\"token punctuation\">></span></span>환영합니다!!!<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>h1</span><span class=\"token punctuation\">></span></span>\r\n&lt;%\r\n    String name = (String) session.getAttribute(\"name\");\r\n%>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;</span>a</span> <span class=\"token attr-name\">href</span><span class=\"token attr-value\"><span class=\"token punctuation attr-equals\">=</span><span class=\"token punctuation\">\"</span>#<span class=\"token punctuation\">\"</span></span><span class=\"token punctuation\">></span></span>&lt;%=name%>님 환영합니다!<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>a</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>body</span><span class=\"token punctuation\">></span></span>\r\n<span class=\"token tag\"><span 
class=\"token tag\"><span class=\"token punctuation\">&lt;/</span>html</span><span class=\"token punctuation\">></span></span></code></pre></div>\n<ul>\n<li>Because LoginSuccessHandler.java stored the logged-in user's name in the session, the page shows that name after a successful login. Note that &lt;%=name%> writes the value without HTML escaping, so JSTL's &lt;c:out> is the safer way to print it.</li>\n</ul>\n<h3>8. Result</h3>\n<h4>- Login screen</h4>\n<h3><img src=\"/static/bf796263a0884de045ef01bd11632fba/fe486/springsecurity2.png\" alt=\"springsecurity2\" title=\"springsecurity2\"></h3>\n<hr>\n<h4>- On successful login</h4>\n<h3><img src=\"/static/6eec7714f604d8fb31425f3eeb4b418e/ae393/springsecurity3.png\" alt=\"springsecurity3\" title=\"springsecurity3\"></h3>\n<h3>For more details</h3>\n<p><a href=\"https://github.com/gijoongjang/springSecurityExample\" target=\"_blank\" rel=\"nofollow\">https://github.com/gijoongjang/springSecurityExample</a></p>","frontmatter":{"title":"Spring Security: Basic Concepts and Implementation","summary":"SpringSecurity,Springboot","date":"2022.04.30.","categories":["Springboot"],"thumbnail":{"childImageSharp":{"gatsbyImageData":{"layout":"constrained","placeholder":{"fallback":"data:image/png;base64,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"},"images":{"fallback":{"src":"/static/20f77ed2176d18dc9bd459ed278f6393/29ced/springsecurity1.png","srcSet":"/static/20f77ed2176d18dc9bd459ed278f6393/0128b/springsecurity1.png 85w,\n/static/20f77ed2176d18dc9bd459ed278f6393/d2935/springsecurity1.png 171w,\n/static/20f77ed2176d18dc9bd459ed278f6393/29ced/springsecurity1.png 341w","sizes":"(min-width: 341px) 341px, 100vw"},"sources":[{"srcSet":"/static/20f77ed2176d18dc9bd459ed278f6393/8915c/springsecurity1.webp 85w,\n/static/20f77ed2176d18dc9bd459ed278f6393/d5068/springsecurity1.webp 171w,\n/static/20f77ed2176d18dc9bd459ed278f6393/442b0/springsecurity1.webp 341w","type":"image/webp","sizes":"(min-width: 341px) 341px, 100vw"}]},"width":341,"height":148}},"publicURL":"/static/20f77ed2176d18dc9bd459ed278f6393/springsecurity1.png"}}}}]}},"pageContext":{"slug":"/20220430/springsecurity/"}},
    "staticQueryHashes": []}