Sidebar

Recent changes

Menu

Trace: Kotlin 1부 동작하는 도메인 모델 만들기 Git Polymorphism 문법 Spring Security Fortran PDF 만들기 Regular Expression
Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
back-end:spring:security [2021/04/29 12:47] – Athentication architecuture 그림을 직접 서버에 업로드 ledyxback-end:spring:security [2021/04/29 16:23] (current) – [WebSecurityConfigurerAdapter] configure() 설명 추가 ledyx
Line 70: Line 70:
 === UserDetailsService  === === UserDetailsService  ===
  
-  * [[https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/core/userdetails/UserDetailsService.html|UserDetailsService]] +"[[https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/core/userdetails/UserDetailsService.html#loadUserByUsername-java.lang.String-|UserDetailsService에는 UserDetails loadUserByUsername(String username)]]"만 있는데, 여기서 [[https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/core/userdetails/UserDetails.html|UserDetails]]는 이름, 비밀번호, 인증/인가등의 기본적인 사용자 정보를 담는 Class.
-    * [[https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/core/userdetails/UserDetails.html|UserDetails]]+
  
 {{:back-end:spring:userdetailsservice.png|}} {{:back-end:spring:userdetailsservice.png|}}
 +
 +또 다른 사용자 정보를 담는 Bean을 만들기보다 이를 상속해서 사용하는게 일을 덜 할 수 있으리라 판단된다.
 +
 +마음에 드는 구현체가 없다면 이 Interface를 상속받아서 재정의.
 +
 +자식 Interface인 [[https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/provisioning/UserDetailsManager.html|UserDetailsManager]]는 비밀번호 변경, 사용자 생성/삭제/갱신, 사용자 존재 여부등의 기능이 추가로 있음.
 +
 +
 +----
 +
 +
 +=== WebSecurityConfigurerAdapter ===
 +
 +전역적인(globally) authentication이 필요할 때 사용.
 +
 +[[https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.html|WebSecurityConfigurerAdapter]]를 상속해서 사용한다. 여기서 주의깊게 봐야 하는 Method는 "configure"인데, 3개의 종류를 가진다.
 +
 +  * **protected void configure(AuthenticationManagerBuilder auth)**
 +    * Used by the default implementation of authenticationManager() to attempt to obtain an AuthenticationManager.
 +  * **protected void configure(HttpSecurity http)**
 +    * Override this method to configure the HttpSecurity.
 +  * **void configure(WebSecurity web)**
 +    * Override this method to configure WebSecurity.
 +
 +{{:back-end:spring:websecurityconfigurer.png}}
 +
 +  * WebSecurityConfigurerAdapter, AbstractConfiguredSecurityBuilder, AbstractSecurityBuilder : abstract class
 +  * WebSecurity : final class
 +
 +<flow>
 +classDiagram
 +  class SecurityConfigurer~O, B extends SecurityBuilder<O>~ {
 +    init(B builder)
 +    configure(B builder)
 +  }
 +  
 +  class WebSecurityConfigurer~T extends SecurityBuilder<Filter>~
 +  
 +  class SecurityBuilder~O~ {
 +    build() O
 +  }
 +  
 +  class AbstractSecurityBuilder~O~
 +  
 +  class AbstractConfiguredSecurityBuilder~O, B extends SecurityBuilder<O>~
 +  
 +  class WebSecurity
 +  
 +  SecurityConfigurer <|-- WebSecurityConfigurer : <Filter,  T extends SecurityBuilder<Filter>>
 +  WebSecurityConfigurer  <|-- WebSecurityConfigurerAdapter : <WebSecurity>
 +  
 +  SecurityBuilder <|-- AbstractSecurityBuilder
 +  AbstractSecurityBuilder <|-- AbstractConfiguredSecurityBuilder
 +  AbstractConfiguredSecurityBuilder <|-- WebSecurity : <Filter, WebSecurity>
 +  
 +  Aware <|-- ApplicationContextAware
 +  SecurityBuilder <|-- WebSecurity : <Filter>
 +  ApplicationContextAware <|-- WebSecurity
 +</flow>
  
  
back-end/spring/security.1619696834.txt.gz · Last modified: 2021/04/29 12:47 by ledyx