[Spring Boot] WebSecurityConfigurerAdpater 지원 안함
2024. 3. 18. 16:05ㆍ프레임워크(Framework)/Spring
책을 보며 코드를 작성하다가 WebSecurityConfigurerAdpater에 'Cannot resolve symbol 'WebSecurityConfigurerAdpater'라는 오류가 발생했다.
그 원인은 spring security 5.7 이상에서 더 이상 WebSecurityConfigurerAdpater의 사용을 권장하지 않기 때문이었다. 그 대신에 컴포넌트 기반 설정으로 변경할 것을 권장한다고 한다.
[변경 전]
package com.dan.springbootwebservice.config.auth;
import lombok.RequiredArgsConstructor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@RequiredArgsConstructor
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final CustomOAuth2UserService customOAuth2UserService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.headers().frameOptions().disable()
.and()
.authorizeRequests()
.antMatchers("/", "/css/**", "/images/**",
"/js/**", "/h2-console/**").permitAll()
.antMatchers("/api/v1/**").hasRole(Role.
USER.name())
.anyRequest().authenticated()
.and()
.logout()
.logoutSuccessUrl("/")
.and()
.oauth2Login()
.userInfoEndpoint()
.userService(customOAuth2UserService);
}
}
[변경 후]
package com.dan.springbootwebservice.config.auth;
import com.dan.springbootwebservice.domain.user.Role;
import lombok.RequiredArgsConstructor;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.security.ConditionalOnDefaultWebSecurity;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
@RequiredArgsConstructor
@EnableWebSecurity //spring security 설정들을 활성화
@Configuration(proxyBeanMethods = false)
@ConditionalOnDefaultWebSecurity
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
public class SecurityConfig {
private final CustomOAuth2UserService customOAuth2UserService;
@Bean
@Order(SecurityProperties.BASIC_AUTH_ORDER)
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.csrf(csrf -> csrf.disable())
.headers(headers -> headers.frameOptions(frameOptions -> frameOptions.disable()))
// .headers(headers -> headers.frameOptions().disable())
.authorizeRequests(authorizeRequests -> authorizeRequests
.requestMatchers("/", "/css/**", "/images/**", "/js/**", "/h2-console/**").permitAll() // Permit these paths
.requestMatchers("/api/v1/**").hasRole(Role.USER.name()) // Require USER role for these paths
.anyRequest().authenticated() // Authenticate all other requests
)
.logout(logout -> logout
.logoutSuccessUrl("/") // Redirect to root after logout
)
.oauth2Login(oauth2 -> oauth2
.userInfoEndpoint(userInfoEndpoint -> userInfoEndpoint.userService(customOAuth2UserService)) // Configure user info endpoint with custom user service
);
return http.build();
}
}'프레임워크(Framework) > Spring' 카테고리의 다른 글
| [Spring] Service를 Interface로 생성하는 이유 4가지 (0) | 2024.07.13 |
|---|---|
| [Spring] IntelliJ Live template (0) | 2024.04.18 |
| [JUnit5 오류] mustache 한글만 출력 오류 인코딩 오류 (0) | 2024.03.15 |
| [Spring] @RequiredArgsConstructor이란? (0) | 2024.03.07 |
| [Spring] 어노테이션(Annotation)이란? (0) | 2024.02.27 |