java security·Î ·Î±×ÀÎ ±¸ÇöÇÏ·Á°í Çϴµ¥
·Î±×ÀÎ.jsp¿¡¼ ·Î±×ÀιöÆ° ´©¸£¸é failÀÌ µË´Ï´Ù.
sts console ȸé
|
11:08:10.258 TRACE 51115 --- [ http-nio-8082-exec-9 ] o.s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to com.iciamall.www.controller.UserController#login()
11:08:14.099 INFO 54956 --- [ http-nio-8082-exec-2 ] jdbc.sqlonly : select * from users where username='spring' and rownum=1
11:08:14.101 INFO 54958 --- [ http-nio-8082-exec-2 ] jdbc.resultsettable :
|---------|-------------------------------------------------------------|-----|--------------------|------------|--------|
|username |password |irum |email |phone |enabled |
|---------|-------------------------------------------------------------|-----|--------------------|------------|--------|
|spring |$2a$10$rgC2Z89KXQ5SkqyPN7WiQ.RGxfb5GHHuFXa2Ht4W |È«±æµ¿|[email protected] |01012345678|1 |
|---------|-------------------------------------------------------------|-----|--------------------|------------|--------|
11:08:14.102 INFO 54959 --- [ http-nio-8082-exec-2 ] jdbc.sqlonly : select * from authorities where username='spring'
11:08:14.103 INFO 54960 --- [ http-nio-8082-exec-2 ] jdbc.resultsettable :
|----------|---------|
|authority |username |
|----------|---------|
|ROLE_USER |spring |
|----------|---------|
fail,fail,fail,fail,fail,fail,fail,fail,fail,
11:08:14.119 TRACE 54976 --- [ http-nio-8082-exec-15 ] o.s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to com.iciamall.www.controller.UserController#page()
|
º¸½Ã¸é ȸ¿ø°¡ÀÔÀ» ±¸ÇöÇÏ¿© DB¿¡ °èÁ¤À» ¸¸µé¾ú´Âµ¥ fail󸮵˴ϴÙ.
(
fail,fail,fail,fail,fail,fail,fail,fail,fail,
)Àº Á¦°¡ ÄַܼÎ
LoginFailureHandler¿¡ sysoutÀ¸·Î ¸¸µé¾îµÐ°ÍÀÔ´Ï´Ù.
security´Â
security-context.xml
|
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-5.3.xsd
http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd">
<bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
<!-- HTTP¸¦ À§ÇÑ ÀÚµ¿ ¼³Á¤ È°¼ºÈ -->
<sec:http>
<sec:csrf disabled="true"/>
<sec:form-login
username-parameter="username"
password-parameter="password"
login-page="/user/login"
login-processing-url="/user/login"
authentication-success-handler-ref="loginSuccessHandler"
authentication-failure-handler-ref="loginFailureHandler"
/>
<sec:logout logout-url="/user/logout" logout-success-url="/" />
<sec:access-denied-handler error-page="/system/403" />
</sec:http>
<sec:authentication-manager>
<sec:authentication-provider user-service-ref="customUserDetailsService">
<sec:password-encoder ref="passwordEncoder" />
</sec:authentication-provider>
</sec:authentication-manager>
</beans>
|
ÀÔ´Ï´Ù.
¾î´ÀºÎºÐÀÌ ¹®Á¦ÀÎÁö Ȥ½Ã ¾Æ½Ã¸é ¾Ë·ÁÁÖ½Ã¸é °¨»çÇÏ°Ú½À´Ï´Ù.
¿ø°Ý°¡´ÉÇÕ´Ï´Ù.