sungwon-097 / spring_security Goto Github PK

View Code? Open in Web Editor NEW

1.0 1.0 0.0 125 KB

Java 96.37% HTML 3.63%

spring_security's Introduction

Spring_Study

security1 & jwt_DEMO

스프링부트 시큐리티(oauth 2.0) & JWT(stateless token) 강의
31 Lectures, 8 Hours 28 Minutes
강의 바로가기
JWT-23부터 중단

spring_security's People

Contributors

Stargazers

Watchers

spring_security's Issues

SpringSecurity : deprecated issue

WebSecurityConfigureAdapter 가 Deprecated 됨으로 인해 authenticationManager() 메소드를 사용 할 수 없게 됨

// before
public class SecurityConfig extends WebSecurityConfigurerAdapter{	
...
          @Override
	  protected void configure(HttpSecurity http) throws Exception {
            ...
            .addFilter(new JwtAuthenticationFilter(authenticationManager()))
            ...
          }
}

// after
public class SecurityConfig {
...
          @Bean
	  SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
            ...
            .apply(new MyCustomDsl()) // 커스텀 필터 등록
            ...
          }

          public class MyCustomDsl extends AbstractHttpConfigurer<MyCustomDsl, HttpSecurity> {
		@Override
		public void configure(HttpSecurity http) throws Exception {
			AuthenticationManager authenticationManager = http.getSharedObject(AuthenticationManager.class);
			http
					.addFilter(corsConfig.corsFilter())
					.addFilter(new JwtAuthenticationFilter(authenticationManager))
					.addFilter(new JwtAuthorizationFilter(authenticationManager, userRepository));
		}
	}
}

Deprecated된 authenticationManager()메소드를 대신해 MyCustomDsl라는 Custom Filter를 만들어서 대체하였음
기존의 강의 내용과 달라지는 점이 많아 최신화된 다른 내용으로 보완하려함

SpringSecurity : fixed untracked files => .gitignore doesn't work

Must clear the cache for gitignore to work properly.

git rm -r --cached .
git add .gitignore
git commit -m "fixed untracked files"

SpringSecurity : kakao login complete => (String) and toString()

// Object 를 String 으로 변환하여 반환
Object obj = session.getAttribute("user_name");
String user_name = obj.toString();

// String 자료형임을 명시
Object obj = session.getAttribute("user_name");
String user_name = (String)obj;

JPA query method

// UserEntity.java
@Entity
@Data
public class User {
    @Id // primary Key
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private int id;
    private String username;
    private String password;
    private String email;
    private String role; // ROLE_USER, ROLE_ADMIN
    @CreationTimestamp
    private Timestamp crateDate;
}

// UserRepository.interface
public interface UserRepository extends JpaRepository<User, Integer> { // User 의 primaryKey 는 Integer

    // findBy 규칙, Username 문법
    // select * from user where username = ?
    public User findByUsername(String username);

    // findBy 규칙, Email 문법
    // select * from user where email = ?
    public User findByEmail(String email);
}

Go to Extra Document

Deprecated : WebSecurityConfigurerAdapter

기존에는 WebSecurityConfigurerAdapter를 상속받아 설정을 오버라이딩 하는 방식이었는데 바뀐 방식에서는 상속받아 오버라이딩하지 않고 모두 Bean으로 등록을 합니다.

// Before 
@Override
public void configure(WebSecurity web){
 web.ignore().antMatchers("/assets/**", "/h2-console/**", "/api/hello2");
}

// After
@Bean
public WebSecurityCustomizer webSecurityCustomizer(){
 return (web) -> web.ignoring().antMatchers("/assets/**", "/h2-console/**", "/api/hello2");
}

출처 : https://velog.io/@pjh612/Deprecated된-WebSecurityConfigurerAdapter-어떻게-대처하지

sungwon-097 / spring_security Goto Github PK

spring_security's Introduction

security1 & jwt_DEMO

spring_security's People

Contributors

Stargazers

Watchers

spring_security's Issues

SpringSecurity : deprecated issue

SpringSecurity : fixed untracked files => .gitignore doesn't work

SpringSecurity : kakao login complete => (String) and toString()

JPA query method

Deprecated : WebSecurityConfigurerAdapter

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent