config/

SecurityConfig.java

CORS, ๊ธฐ๋ณธ ๋กœ๊ทธ์ธ ํŽ˜์ด์ง€ ์ œ๊ณต ์—ฌ๋ถ€ ๋“ฑ ์›น ๋ณด์•ˆ ๊ด€๋ จ๋œ ์„ค์ • ๊ด€๋ฆฌ

package com.example.pkscl.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public PasswordEncoder getPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .cors().disable()      // cors ๋น„ํ™œ์„ฑํ™”
            .csrf().disable()      // csrf ๋น„ํ™œ์„ฑํ™”
            .formLogin().disable() //๊ธฐ๋ณธ ๋กœ๊ทธ์ธ ํŽ˜์ด์ง€ ์—†์• ๊ธฐ
            .logout().disable()    //๊ธฐ๋ณธ ๋กœ๊ทธ์•„์›ƒ ํŽ˜์ด์ง€ ์—†์• ๊ธฐ
            .headers().frameOptions().disable();
    }

}

WebConfig.java

์ธํ„ฐ์…‰ํ„ฐ ์ˆœ์„œ ๋ฐ URL ์„ค์ •, CORS ์„ค์ • ๊ด€๋ฆฌ

package com.example.pkscl.config;

import com.example.pkscl.Interceptor.EditPageInterceptor;
import com.example.pkscl.Interceptor.LoginCheckInterceptor;
import com.example.pkscl.Interceptor.LoginPageInterceptor;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
  
@Configuration
public class WebConfig implements WebMvcConfigurer{
    
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new EditPageInterceptor())
        .order(1)
        .addPathPatterns("/edit-main**");
        registry.addInterceptor(new LoginCheckInterceptor())
        .order(2)
        .addPathPatterns("/**")
        .excludePathPatterns("/","/css/**", "/*.ico", "/error", "/login/**", "/signup/**","/signUp/**", "/major-list", "/index.html", "/static/**", "/*.json", "/*.css", "/*.js" , "/*.png", "/email/*", "/verify/**", "/img/**", "/newpwd/**", "/email.png", "/logo.png","/password.png");
        registry.addInterceptor(new LoginPageInterceptor())
        .order(3)
        .addPathPatterns("/", "");
    }

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
            .allowedOrigins("*")
            .allowedMethods("*");
    }
    
}
Previous์‹œ์Šคํ…œ ํ๋ฆ„๋„ ๋ฐ ๊ตฌ์กฐ๋„Nextcontroller/

Last updated