본문 바로가기
Spring/Spring 기초

e7e샘의 시큐리티 설정2(멀티)

by 미눅스[멘토] 2023. 8. 30.
728x90

security-context.xml

security:gttp요청 /angel/로 하나 복사함

youlogin으로 

그럼 밑에 이런 에러가 남

이유는  원래 pattern="/**"이 생략되어있음

그래서 하나로 쓰면 생략이 가능한데 

멀티로 쓰면 두개의 parrern을 다르게 줘야함

 

package com.minu.sec.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;

@Controller
public class LoginController {

	@GetMapping("/angma/mylogin")
	public String myLogin() {
		return "mylogin";
	}
	
	
	@GetMapping("/mlogin")
	public String mlogin() {
		return "mlogin";
	}
	
	@GetMapping("/angel/youlogin")
	public String youlogin() {
		return "ylogin";
	}
	
}
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:security="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-5.8.xsd
      http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
      
      <bean id="bCryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
      <!--웹 보안  -->
      <!-- 멀티설정에는 기본제공 로그인 페이지를 사용못함! -->
      <security:http pattern="/angma/**">
      	<security:intercept-url pattern="/angma/aaa" access="hasRole('ROLE_SUJI')"/>
      	<security:form-login  login-page="/angma/mylogin" />
      </security:http>
      
      <security:http pattern="/angel/**">
      	<security:intercept-url pattern="/angel/aaa" access="hasRole('ROLE_JINJU')"/>
      	<security:form-login  login-page="/angel/youlogin" />
      </security:http>
      
      <!-- 나머지 전부 안됨! 나의 미스테이크 -->
      <security:http>
      	<security:intercept-url pattern="/ccc" access="hasRole('ROLE_USER')" />
      	<security:intercept-url pattern="/*" access="permitAll" />
      	<security:form-login  login-page="/mlogin" />
      </security:http>
      
      
      <security:authentication-manager>
         <security:authentication-provider>
            <security:password-encoder ref="bCryptPasswordEncoder"/>
            <security:user-service>
               <security:user name="jinsu" 
                     password="$2a$10$qLWALnVsCYJhVavUKl8HKuwDQM4WXLEHqurqJQJslEEwoS7c8nXiS" 
                     authorities="ROLE_SUJI"/>
            </security:user-service>
         </security:authentication-provider>
      </security:authentication-manager>
</beans>

 

로그인해보면

 

 

오류남,, 이유는 angma/aaa를 처리할 페이지가 없음

그래서 처리할 페이지 만들어주고

 

 

다시 로그인

 

잘됨

 

 

 

 

 

인증정보 하나 더 복사해서

코드 설정

 

 

이거 url확인하면 콘솔에

엔젤 코드 뜸

그거 복사해서 다시 수정함

 

 

 

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:security="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-5.8.xsd
      http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
      
      <bean id="bCryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
      <!--웹 보안  -->
      <!-- 멀티설정에는 기본제공 로그인 페이지를 사용못함! -->
      
      <!-- 세트 1 -->
      <security:http pattern="/angma/**" authentication-manager-ref="jinsu">
      	<security:intercept-url pattern="/angma/aaa" access="hasRole('ROLE_JINSU')"/>
      	<security:form-login  login-page="/angma/mlogin" login-processing-url="/angma/login" />
      </security:http>
      
      <security:authentication-manager id="jinsu">
         <security:authentication-provider>
            <security:password-encoder ref="bCryptPasswordEncoder"/>
            <security:user-service>
               <security:user name="jinsu" 
                     password="$2a$10$qLWALnVsCYJhVavUKl8HKuwDQM4WXLEHqurqJQJslEEwoS7c8nXiS" 
                     authorities="ROLE_SUJI,ROLE_JINSU"/>
            </security:user-service>
         </security:authentication-provider>
      </security:authentication-manager>
   
      <!-- 세트 2 -->
      <security:http pattern="/angel/**" authentication-manager-ref="sky">
      	<security:intercept-url pattern="/angel/aaa" access="hasRole('ROLE_SKY')"/>
      	<security:form-login  login-page="/angel/youlogin" login-processing-url="/angel/login" />
      </security:http>
      
      <security:authentication-manager id="sky">
         <security:authentication-provider>
            <security:password-encoder ref="bCryptPasswordEncoder"/>
            <security:user-service>
               <security:user name="sky" 
                     password="$2a$10$Ysyksr2MB0wcW12uWs8Vmez5tyfchGQzonv8.3WW7VG1MQgWauo4m" 
                     authorities="ROLE_SKY"/>
            </security:user-service>
         </security:authentication-provider>
      </security:authentication-manager>
      
      <!-- 나머지 전부 안됨! 나의 미스테이크 -->
      <security:http>
      	<security:intercept-url pattern="/ccc" access="hasRole('ROLE_USER')" />
      	<security:intercept-url pattern="/*" access="permitAll" />
      	<security:form-login  login-page="/mlogin" />
      </security:http>
      
      
      
</beans>

 

 

 

 

'Spring > Spring 기초' 카테고리의 다른 글

e7e샘의 시큐리티 설정4(메뉴얼 로그인)  (0) 2023.08.31
e7e샘의 시큐리티 설정3  (0) 2023.08.30
e7e샘의 시큐리티 설정2(AJAX토큰사용/로그인페이지 설정)  (0) 2023.08.29
e7e샘의 시큐리티 설정  (0) 2023.08.29
Sweetalert 사용방법(Alert창 꾸미기)  (0) 2023.08.28

관련글

티스토리툴바