22.06.22 20:53 작성
·
741
6
우선 참고하셔야할 링크
https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter
1. HttpSecurty http << 오버라이드 대신
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeRequests()
.mvcMatchers("/", "/info", "/account/**").permitAll()
.mvcMatchers("/admin").hasRole("ADMIN")
.anyRequest().authenticated();
http.formLogin();
http.httpBasic();
return http.build();
}
2. inmemory 유저 추가
@Bean
public InMemoryUserDetailsManager userDetailsService() {
UserDetails user = User.withUsername("user")
.password("{noop}123")
.roles("USER")
.build();
UserDetails admin = User.withUsername("admin")
.password("{noop}123")
.roles("ADMIN")
.build();
UserDetails[] userDetails = new UserDetails[2];
userDetails[0] = user;
userDetails[1] = admin;
return new InMemoryUserDetailsManager(userDetails);
}
굳이 배열로 안하고 그냥 다 써도 되는듯 해용
@Bean 잊지 않기