[스프링시큐리티] DB를 사용한 로그인인증 & 권한 처리

POM.XML 설정

/* 의존성 추가 */

    <properties>
        <java-version>1.7</java-version>
        <org.springframework-version>3.2.4.RELEASE</org.springframework-version>
        <org.aspectj-version>1.7.3</org.aspectj-version>
        <org.slf4j-version>1.6.6</org.slf4j-version>
        <spring.security.version>3.1.0.RELEASE</spring.security.version>
        <project.build.sourceEncoding>utf-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>utf-8</project.reporting.outputEncoding>
    </properties>

        <!-- 스프링 시큐리티 3.1 -->
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-taglibs</artifactId>
            <version>3.1.0.RELEASE</version>
        </dependency>
    
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
            <version>3.1.0.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
            <version>3.1.0.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
            <version>3.1.0.RELEASE</version>
        </dependency>

/* 6번 라인 시큐리티 버전 확인 요망 (필자는 3.1.0 버전을 썻습니다.) */

WEB.XML 설정

/* FilterChain추가 fileter-name은 반드시 springSecurityFilterChain */

    <!-- 스프링 시큐리티 -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

/* 설정한 classpath에서 context-*.xml로 시작하는 파일을 매핑해준다. 

우리는 Security를 진행중이기때문에, context-securtiy.xml을 생성해준다. */

      <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>classpath:config/spring/context-*.xml</param-value>
      </context-param>

CONTEXT-SECURITY.XML 설정

/* 스키마는 다음과 같이 설정한다. */

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
  xmlns:beans="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="
           http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.1.xsd
">

    <!-- sha-256 암호화 -->
    <beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder" >
        <beans:constructor-arg value="256" />
        <beans:property name="encodeHashAsBase64" value="true" />
    </beans:bean>        
            
    <!-- 핸들러 -->    
    <beans:bean id="loginFailureHandler" class="com.endu.cms.security.SavedAuthenticationFailureHandler" />
    <beans:bean id="loginSuccessHandler" class="com.endu.cms.security.SavedAuthenticationSuccessHandler" />
    
    <http auto-config="true" use-expressions="true">
    
        <form-login
            login-page="/index.do" 
            default-target-url="/main.do"
            authentication-failure-url="/index.do?fail=true"
            authentication-success-handler-ref="loginSuccessHandler"
            authentication-failure-handler-ref="loginFailureHandler" 
        />
    </http>
    
    <authentication-manager alias="authenticationManager">
        <authentication-provider user-service-ref="securityService">
            <password-encoder ref="passwordEncoder" />
        </authentication-provider>
    </authentication-manager>
 
    <beans:bean id="securityService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
        <beans:property name="dataSource" ref="endu.dataSource" />
        <beans:property name="usersByUsernameQuery">
            <beans:value>
                select
                    c_userid as username,
                    c_userpw as password,
                    enabled
                from
                    c_user
                where c_userid=?
            </beans:value>
        </beans:property>
        <beans:property name="authoritiesByUsernameQuery">
            <beans:value>
                select
                    c_userid as username,
                    authority
                from 
                    authorities
                where c_userid = ?
            </beans:value>
        </beans:property>
    </beans:bean>
 

/*  2~5번 Line 패스워드 암호화, 

8번~9번 Line 로그인실패, 성공 핸들러 

29번 Line 자신의 datasource alais name을 적어준다.

30번 Line 자신의 db정보를 적어준다. ('본인컬럼' as username, password, enabled) 잊지말 것  */