Spring
spring security 6
slow333
2023. 6. 8. 16:11
Inmemory 방식 사용자 인증 방식 : 되는 것...
@Configuration
@EnableWebSecurity
public class SecConfig {
@Autowired
BCryptPasswordEncoder encoder;
@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.csrf(AbstractHttpConfigurer::disable)
.authorizeHttpRequests(auth -> auth
.requestMatchers("/crm/add").hasRole("ADMIN")
.anyRequest().permitAll()
)
.formLogin(Customizer.withDefaults());
return http.build();
}
@Bean
public UserDetailsService users() {
UserDetails user = User
.withUsername("user")
.password("pass")
.passwordEncoder(str -> encoder.encode(str))
.roles("USER")
.build();
UserDetails admin = User.withUsername("admin")
.password("pass")
.passwordEncoder(str -> encoder.encode(str))
.roles("USER", "ADMIN")
.build();
return new InMemoryUserDetailsManager(user, admin);
}
}
@EnableWebSecurity
public class SecConfig {
@Autowired
BCryptPasswordEncoder encoder;
@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.csrf(AbstractHttpConfigurer::disable)
.authorizeHttpRequests(auth -> auth
.requestMatchers("/crm/add").hasRole("ADMIN")
.anyRequest().permitAll()
)
.formLogin(Customizer.withDefaults());
return http.build();
}
@Bean
public UserDetailsService users() {
UserDetails user = User
.withUsername("user")
.password("pass")
.passwordEncoder(str -> encoder.encode(str))
.roles("USER")
.build();
UserDetails admin = User.withUsername("admin")
.password("pass")
.passwordEncoder(str -> encoder.encode(str))
.roles("USER", "ADMIN")
.build();
return new InMemoryUserDetailsManager(user, admin);
}
}
password encoder
@Configuration
public class WebConfig {
@Bean
BCryptPasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
public class WebConfig {
@Bean
BCryptPasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
spring security 기본 설정 시
사용자 암호 지정 : application.properites
spring.security.user.name=test
spring.security.user.password=1111