인프런 커뮤니티 질문&답변
작성한 질문수
8) 계층 권한 적용하기- RoleHierarchy강의대로 소스작성했더니 제대로 동작하지 않습니다
작성
·
381
0
https://github.com/onjsdnjs/corespringsecurity.git
강의내용과 git소스 참고해서 소스수정했더니 계층권한이 제대로 작동하지 않습니다
git소스중에 어떤 브랜치를 봐야되는건가요?
답변 6
0
0
제가 지금 ch05-03a 를 체크아웃 받아서 돌려보면 오류가 발생하지는 않네요
그리고 현재 인증 없이 모든 리소스에 접근이 가능한 이유는 resources 테이블에 아무런 권한 관련 설정을 하지 않아서 그렇습니다.
지금 아무런 리소스가 등록이 안되어 있습니다.
리소스 등록 버튼을 클릭하시고 들어가시면 다음과 같은 화면이 나옵니다.
내용을 입력하시고 로그아웃 후 /mypage 로 접근하시면 접근이 안되시는 것을 확인 하실 수 있습니다.
일단 DB 저장 내용은 정상적으로 된 것 같고 resources 테이블에 권한설정을 등록하시기 바랍니다.
0
관련소스라면 ch05-03a로 체크아웃하기 전의 상태의 소스를 말씀하시는 건가요?
그 부분은 나중에 다시 올리겠습니다...
우선 ch05-03a 소스로도 문제가 있는것 같은데 그 부분에 대해서 해결방법을 알려주셨으면 감사하겠습니다
소스 수정안하고 그대로 돌렸는데도 에러가 나거든요
0
0
죄송합니다 소스공유는 어떻게 하는게 좋을까요? 방법이 있으시면 부탁드립니다
내용이 좀 긴데요... 소스뿐만 아니라 DB데이터 상으로도 문제가 없는건지 확인해야 될 것 같네요
우선 05-03a 브랜치로 서버기동하니까 에러가 발생합니다
----------------------------------------------------------------------------------------
Hibernate: select resources0_.resource_id as resource1_3_0_, role2_.role_id as role_id1_4_1_, resources0_.http_method as http_met2_3_0_, resources0_.order_num as order_nu3_3_0_, resources0_.resource_name as resource4_3_0_, resources0_.resource_type as resource5_3_0_, role2_.role_desc as role_des2_4_1_, role2_.role_name as role_nam3_4_1_, roleset1_.resource_id as resource1_6_0__, roleset1_.role_id as role_id2_6_0__ from resources resources0_ inner join role_resources roleset1_ on resources0_.resource_id=roleset1_.resource_id inner join role role2_ on roleset1_.role_id=role2_.role_id where resources0_.resource_type='method' order by resources0_.order_num desc 2021-04-29 12:57:23.179 INFO 32396 --- [ restartedMain] trationDelegate$BeanPostProcessorChecker : Bean 'methodResourcesMapFactoryBean' of type [java.util.LinkedHashMap] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2021-04-29 12:57:23.180 INFO 32396 --- [ restartedMain] trationDelegate$BeanPostProcessorChecker : Bean 'mapBasedMethodSecurityMetadataSource' of type [org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2021-04-29 12:57:23.183 INFO 32396 --- [ restartedMain] trationDelegate$BeanPostProcessorChecker : Bean 'methodSecurityMetadataSource' of type [org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2021-04-29 12:57:23.233 INFO 32396 --- [ restartedMain] trationDelegate$BeanPostProcessorChecker : Bean 'pointcutResourcesMapFactoryBean' of type [io.security.corespringsecurity.security.factory.MethodResourcesMapFactoryBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) Hibernate: select resources0_.resource_id as resource1_3_0_, role2_.role_id as role_id1_4_1_, resources0_.http_method as http_met2_3_0_, resources0_.order_num as order_nu3_3_0_, resources0_.resource_name as resource4_3_0_, resources0_.resource_type as resource5_3_0_, role2_.role_desc as role_des2_4_1_, role2_.role_name as role_nam3_4_1_, roleset1_.resource_id as resource1_6_0__, roleset1_.role_id as role_id2_6_0__ from resources resources0_ inner join role_resources roleset1_ on resources0_.resource_id=roleset1_.resource_id inner join role role2_ on roleset1_.role_id=role2_.role_id where resources0_.resource_type='pointcut' order by resources0_.order_num desc 2021-04-29 12:57:23.240 INFO 32396 --- [ restartedMain] trationDelegate$BeanPostProcessorChecker : Bean 'pointcutResourcesMapFactoryBean' of type [java.util.LinkedHashMap] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2021-04-29 12:57:23.242 WARN 32396 --- [ restartedMain] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'protectPointcutPostProcessor' defined in class path resource [io/security/corespringsecurity/security/configs/MethodSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [io.security.corespringsecurity.security.processor.ProtectPointcutPostProcessor]: Factory method 'protectPointcutPostProcessor' threw exception; nested exception is java.lang.IllegalArgumentException: configAttributes cannot be empty 2021-04-29 12:57:23.242 INFO 32396 --- [ restartedMain] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default' 2021-04-29 12:57:23.245 INFO 32396 --- [ restartedMain] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown initiated... 2021-04-29 12:57:23.250 INFO 32396 --- [ restartedMain] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown completed. 2021-04-29 12:57:23.260 INFO 32396 --- [ restartedMain] ConditionEvaluationReportLoggingListener : Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled. 2021-04-29 12:57:23.268 ERROR 32396 --- [ restartedMain] o.s.boot.SpringApplication : Application run failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'protectPointcutPostProcessor' defined in class path resource [io/security/corespringsecurity/security/configs/MethodSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [io.security.corespringsecurity.security.processor.ProtectPointcutPostProcessor]: Factory method 'protectPointcutPostProcessor' threw exception; nested exception is java.lang.IllegalArgumentException: configAttributes cannot be empty at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:645) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:475) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1338) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1177) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:557) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:517) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:323) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:321) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:207) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.context.support.PostProcessorRegistrationDelegate.registerBeanPostProcessors(PostProcessorRegistrationDelegate.java:240) ~[spring-context-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.context.support.AbstractApplicationContext.registerBeanPostProcessors(AbstractApplicationContext.java:722) ~[spring-context-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:535) ~[spring-context-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) ~[spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE] at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:747) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE] at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:1215) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE] at io.security.corespringsecurity.CoreSpringSecurityApplication.main(CoreSpringSecurityApplication.java:15) [classes/:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_202] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_202] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_202] at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_202] at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49) [spring-boot-devtools-2.2.1.RELEASE.jar:2.2.1.RELEASE] Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [io.security.corespringsecurity.security.processor.ProtectPointcutPostProcessor]: Factory method 'protectPointcutPostProcessor' threw exception; nested exception is java.lang.IllegalArgumentException: configAttributes cannot be empty at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:640) ~[spring-beans-5.2.1.RELEASE.jar:5.2.1.RELEASE] ... 24 common frames omitted Caused by: java.lang.IllegalArgumentException: configAttributes cannot be empty at org.springframework.util.Assert.notEmpty(Assert.java:549) ~[spring-core-5.2.1.RELEASE.jar:5.2.1.RELEASE] at io.security.corespringsecurity.security.processor.ProtectPointcutPostProcessor.setPointcutMap(ProtectPointcutPostProcessor.java:105) ~[classes/:na] at io.security.corespringsecurity.security.configs.MethodSecurityConfig.protectPointcutPostProcessor(MethodSecurityConfig.java:55) ~[classes/:na] at io.security.corespringsecurity.security.configs.MethodSecurityConfig$$EnhancerBySpringCGLIB$$4f6eddad.CGLIB$protectPointcutPostProcessor$4(
----------------------------------------------------------------------------------------
급한대로 MethodSecurityConfig.java - protectPointcutPostProcessor빈을 코멘트아웃하니까 에러가 해소됬습니다
문제는 그 이후에 admin, user, manager 어떤걸로 로그인해도 마이페이지 메시지 환경설정 화면 인가처리를 제대로 안하고 있더군요
(모든 화면으로 모든 유저가 아무렇게나 화면천이가 가능한 상태)
그리고 서버기동후 DB 저장내용입니다. 확인부탁드립니다
(user, manager계정은 직접 회원가입으로 작성후 일부 권한설정을 변경했던것 같습니다)
----------------------------------------------------------------------------------------
<access_ip>테이블
|ip_id|ip_address|
|---:|:---|
|8|0:0:0:0:0:0:0:1|
<account>테이블
|id|age|email|password|username|
|---:|---:|:---|:---|:---|
|2|0|admin@admin.com|{bcrypt}$2a$10$XBwVcrlC269eMAuGE04D0uCZb7IIeN7JladzxvdaXhRQtaDQPzjjG|admin|
|10|20|user@gmail.com|{bcrypt}$2a$10$d/xzMCrAs70aD8hZhpS5XuQnVukbk2XFSTocx3S97OuZ5nf4t1zei|user|
|9|10|manager@gmail.com|{bcrypt}$2a$10$0OAV2FKNcDaKaovPfSZ.uuM6B/6.Fm1y4pIInM/gLnjs7Qr/w60eW|manager|
<account_roles>테이블
|account_id|role_id|
|---:|---:|
|2|1|
|10|4|
|9|3|
<resources>테이블
데이터없음
<role>테이블
|role_id|role_desc|role_name|
|---:|:---|:---|
|1|관리자|ROLE_ADMIN|
|3|매니저권한|ROLE_MANAGER|
|4|사용자권한|ROLE_USER|
<role_hierarchy>테이블
|id|child_name|parent_name|
|---:|:---|:---|
|5|ROLE_ADMIN||
|6|ROLE_MANAGER|ROLE_ADMIN|
|7|ROLE_USER|ROLE_MANAGER|
<role_resources>테이블
데이터없음
<user_roles>테이블
데이터없음
----------------------------------------------------------------------------------------
0