728x90
inMemory 방식 user 생성
package io.security.corespringsecurity.security.configs;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
String password = passwordEncoder().encode("1111");
auth.inMemoryAuthentication().withUser("user").password(password).roles("USER");
auth.inMemoryAuthentication().withUser("manager").password(password).roles("MANAGER");
auth.inMemoryAuthentication().withUser("admin").password(password).roles("ADMIN");
}
// 평문인 문자열을 암호화해서 리턴
@Bean
private PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/mypage").hasRole("USER")
.antMatchers("/message").hasRole("MANAGER")
.antMatchers("/config").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin();
}
}728x90
'백엔드 > Spring Security' 카테고리의 다른 글
| Spring HTTPS 설정 (0) | 2022.01.18 |
|---|---|
| spring security WebIgnore (0) | 2021.12.03 |
| spring security 필터 다중 설정 (0) | 2021.12.02 |
| spring security csrfFilter (0) | 2021.12.02 |
| spring security 예외처리 (0) | 2021.12.02 |
