on
spring security 세션
spring security 세션
728x90
package io.security.basicsecurity; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired UserDetailsService userDetailsService; @Override protected void configure(HttpSecurity http) throws Exception { // 어떠한 요청에도 인증 받게 http .authorizeRequests() .anyRequest().authenticated(); // 인증 방법은 form 로그인 방식으로 http .formLogin(); http .sessionManagement() .maximumSessions(1) .maxSessionsPreventsLogin(false); }; }
package io.security.basicsecurity; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired UserDetailsService userDetailsService; @Override protected void configure(HttpSecurity http) throws Exception { // 어떠한 요청에도 인증 받게 http .authorizeRequests() .anyRequest().authenticated(); // 인증 방법은 form 로그인 방식으로 http .formLogin(); http .sessionManagement() .sessionFixation().changeSessionId(); }; }
JWT 사용시 Stateless 사용
728x90
from http://arch1tect.tistory.com/225 by ccl(A) rewrite - 2021-12-01 22:01:25