on
spring security Remember Me 인증
spring security Remember Me 인증
728x90
package io.security.basicsecurity; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired UserDetailsService userDetailsService; @Override protected void configure(HttpSecurity http) throws Exception { // 로그아웃 설정 http // spring security에서는 기본적으로 로그아웃 post로 동작한다. (따로 설정가능) .logout() .logoutUrl("/logout") .logoutSuccessUrl("/login") // 로그아웃시 동작할 핸들러 설정 .addLogoutHandler(new LogoutHandler() { @Override public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { HttpSession session = request.getSession(); session.invalidate(); } }) .logoutSuccessHandler(new LogoutSuccessHandler() { @Override public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { response.sendRedirect("/login"); } }) // 서버에서 만든 쿠키를 삭제하고싶을때 쿠키명 작성해주면 된다 .deleteCookies("remember-me") .and() .rememberMe() .rememberMeParameter("remember") .tokenValiditySeconds(3600) .userDetailsService(userDetailsService); }; }
728x90
from http://arch1tect.tistory.com/223 by ccl(A) rewrite - 2021-12-01 03:02:01