[eGov] Spring Security Encrypted Member Registration

토도 2023. 4. 5. 18:23

Create a method in MemberController and connect it to the view.

 

 

 

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>

            <h1 class="main-heading">Register</h1>
            <form method="post" action="registerSave.do">
              <div>
                <label>UserName</label>
                <div>
                  <input class="form-control" name="userName" required>
                </div>
              </div>
              <div>
                <label>UserId</label>
                <div>
                  <input class="form-control" name="userId" required>
                </div>
              </div>

              <div>
                <label>Password</label>
                <div>
                  <input class="form-control" type="password" name="password" required>
                </div>
              </div>

              <div>
                <label>Confirm Password</label>
                <div>
                  <input class="form-control" type="password" required>
                </div>
              </div>
              
              <br>
              
              <div>
                <div>
                  <button type="submit">
                    Register
                  </button>
                </div>
              </div>
            </form>

</body>
</html>

 

 

Next, create the VO that will receive the values submitted by the form.

The input name attributes must match the VO field names.

 

 

package egovframework.example.member.model.vo;

public class Member {
	private String userName;
	private String userId;
	private String password;
	private String authority;
	private int enabled;
	public String getUserName() {
		return userName;
	}
	public void setUserName(String userName) {
		this.userName = userName;
	}
	public String getUserId() {
		return userId;
	}
	public void setUserId(String userId) {
		this.userId = userId;
	}
	public String getPassword() {
		return password;
	}
	public void setPassword(String password) {
		this.password = password;
	}
	public String getAuthority() {
		return authority;
	}
	public void setAuthority(String authority) {
		this.authority = authority;
	}
	public int getEnabled() {
		return enabled;
	}
	public void setEnabled(int enabled) {
		this.enabled = enabled;
	}
	
	@Override
	public String toString() {
		return "Member [userName=" + userName + ", userId=" + userId + ", password=" + password + ", authority="
				+ authority + ", enabled=" + enabled + "]";
	}
}

 

Right-click - Source

Generate the getters/setters and toString as well.

 

First, check in the controller that the values submitted by the form are printed to the console.

 

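But it won't work.

In context-security.xml, be sure (!!!!) to add

<csrf disabled="true"></csrf>

Spring Security's CSRF protection rejects the POST because the form sends no CSRF token; this setting switches that protection off.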

 

If you put a leading slash in the JSP form's action (action="/registerSave.do"), the CheestStick prefix is dropped from the request path.

With action="member/registerSave.do", the request goes out as member/member/registerSave.do.

 

In any case, it is important to set the action exactly as in the attached code.

 

Anyway, running it in this state prints the values to the console..

Now this has to be turned into a member insert.

 

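	@RequestMapping(value="/member/registerSave.do")
	public String registerSave(Member member) throws Exception{
		
		// Debug output only: at this point member still holds the plaintext password
		System.out.println(member);
		int result = 0;
		
		// Encode the raw password with the injected PasswordEncoder before the insert
		String encPassword = passwordEncoder.encode(member.getPassword());
		member.setPassword(encPassword);
		
		result = memberService.InsertMember(member);
		
		return "";
	}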

 

Unlike a plain insert method, two lines of code have been added here!

 

String encPassword = passwordEncoder.encode(member.getPassword());
member.setPassword(encPassword);

 

These lines were added so that the password is encrypted (BCrypt-encoded) before it is inserted.

 

To use this code, the following has to be added to context-security.xml.

 

<beans:bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>

  <!-- On login, check the entered password against the encoded password retrieved from the DB -->
           <password-encoder ref="bcryptPasswordEncoder"/>
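
How the two added lines and the password-encoder setting work together, as an added example that is not the post's code: it assumes spring-security-crypto is on the classpath, and the class name, the in-memory map standing in for SS_MEMBER, and the sample credentials are made up for illustration.

```java
import java.util.HashMap;
import java.util.Map;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

// Added illustration, not the post's code. The class name, the in-memory map
// standing in for SS_MEMBER, and the sample credentials are all constructed.
public class BcryptSignupLoginDemo {

    private static final PasswordEncoder ENCODER = new BCryptPasswordEncoder();
    private static final Map<String, String> SS_MEMBER = new HashMap<>(); // USERID -> PASSWORD

    // What registerSave.do does before the INSERT: store only the salted hash.
    static void register(String userId, String rawPassword) {
        SS_MEMBER.put(userId, ENCODER.encode(rawPassword));
    }

    // What <password-encoder ref="bcryptPasswordEncoder"/> does at login:
    // matches() re-hashes the input with the salt embedded in the stored value.
    static boolean login(String userId, String rawPassword) {
        String stored = SS_MEMBER.get(userId);
        return stored != null && ENCODER.matches(rawPassword, stored);
    }

    // Broken approach: encode() picks a new random salt on every call,
    // so re-encoding the input never reproduces the stored string.
    static boolean naiveLogin(String userId, String rawPassword) {
        return ENCODER.encode(rawPassword).equals(SS_MEMBER.get(userId));
    }

    public static void main(String[] args) {
        register("sampleUser", "constructed-Pw-1234"); // constructed sample input
        String stored = SS_MEMBER.get("sampleUser");

        System.out.println("stored value : " + stored);
        System.out.println("stored length: " + stored.length()); // PASSWORD column must fit this
        System.out.println("login, correct password: " + login("sampleUser", "constructed-Pw-1234"));
        System.out.println("login, wrong password  : " + login("sampleUser", "wrong-guess"));
        System.out.println("naive re-encode compare: " + naiveLogin("sampleUser", "constructed-Pw-1234"));
    }
}
```

BCrypt values are 60 characters long, so the PASSWORD column in SS_MEMBER has to hold at least that many.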

 


Full context-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans 
	xmlns="http://www.springframework.org/schema/security"  
	xmlns:beans="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:security="http://www.springframework.org/schema/security"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd">

    <http auto-config="true" use-expressions="true">
    	<intercept-url pattern="/member/loginPage.do"	access="permitAll"/>
        <intercept-url pattern="/**" access="permitAll" />  
        
         <form-login login-page="/member/loginPage.do" 
				username-parameter="userid" 
				password-parameter="password"  
				authentication-failure-url="/member/loginPage.do?error" 
	 			default-target-url="/"  
				/>
		
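		<!-- Disables CSRF protection for every request so that the token-less register form POST is accepted -->
		<csrf disabled="true"></csrf>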
				     
		<session-management> 
			<concurrency-control max-sessions="1" expired-url="/" />
		</session-management>                   
    </http>
    
    <beans:bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
    
    <authentication-manager>
       <authentication-provider>
           
           <!-- On login, check the entered password against the encoded password retrieved from the DB -->
           <password-encoder ref="bcryptPasswordEncoder"/>
           
           <jdbc-user-service data-source-ref="dataSource"

           	users-by-username-query=
           		 "SELECT USERID AS USERNAME, 
           		         PASSWORD,
      				     1 AS ENABLED 
                   	    	 FROM SS_MEMBER 
                    		 WHERE USERID = ?"
			authorities-by-username-query=
				 "SELECT USERID AS USERNAME, 
				 		 AUTHORITY 
				         FROM SS_MEMBER
				         WHERE USERID = ?"							     						     						                
           /> 
           
       </authentication-provider>
   </authentication-manager>

</beans:beans>

 

 

MemberController.java

package egovframework.example.member.controller;

import javax.annotation.Resource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import egovframework.example.member.model.service.MemberService;
import egovframework.example.member.model.vo.Member;

@Controller
public class MemberController {
	
	@Autowired 
	PasswordEncoder passwordEncoder;
	
	@Resource(name = "memberService")
	private MemberService memberService;
	
	@RequestMapping(value="/member/loginPage.do")
	public String orderWrite() {
		
		System.out.println("로그인 페이지 연결");
		
		return "member/loginPage";
	}
	
	@RequestMapping(value="/member/registerPage.do")
	public String registerPage() {
		
		System.out.println("회원가입 페이지 연결");
		
		return "member/registerPage";
	}
	
	@RequestMapping(value="/member/registerSave.do")
	public String registerSave(Member member) throws Exception{
		
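		// Debug output only: at this point member still holds the plaintext password
		System.out.println(member);
		int result = 0;
		
		// Encode the raw password with the injected PasswordEncoder before the insert
		String encPassword = passwordEncoder.encode(member.getPassword());
		member.setPassword(encPassword);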
		
		result = memberService.InsertMember(member);
		
		return "";
	}
	
}

 

 

MemberService.java

package egovframework.example.member.model.service;

import egovframework.example.member.model.vo.Member;

public interface MemberService {
	public int InsertMember(Member member) throws Exception;
}

 

 

MemberServiceImpl.java

package egovframework.example.member.model.service;

import javax.annotation.Resource;

import org.springframework.stereotype.Service;

import egovframework.example.member.model.mapper.MemberMapper;
import egovframework.example.member.model.vo.Member;
import egovframework.rte.fdl.cmmn.EgovAbstractServiceImpl;

@Service("memberService")
public class MemberServiceImpl extends EgovAbstractServiceImpl implements MemberService {

	@Resource(name="memberMapper")
	private MemberMapper mapper;
	
	@Override
	public int InsertMember(Member member) throws Exception {
		
		return mapper.InsertMember(member);
	}

}

 

 

MemberMapper.java

package egovframework.example.member.model.mapper;

import egovframework.example.member.model.vo.Member;
import egovframework.rte.psl.dataaccess.mapper.Mapper;

@Mapper("memberMapper")
public interface MemberMapper {

	int InsertMember(Member member);
	
}

 

 

memberMapper.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="egovframework.example.member.model.mapper.MemberMapper">

	<insert id="InsertMember" parameterType="Member">
			INSERT INTO SS_MEMBER
				( USERNAME
				  , USERID
				  , PASSWORD
				  , AUTHORITY
				  , ENABLED )
			VALUES ( #{userName}
					 , #{userId}
					 , #{password}
				     , 'ROLE_USER'
				     , 1 )
	</insert>

</mapper>

 

 

Oh, and don't forget to add the typeAliases entry to sql-mapper-config.xml.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd">

<configuration>
    <typeAliases>
		<typeAlias alias="Order" type="egovframework.example.order.model.vo.Order"/>
		<typeAlias alias="Member" type="egovframework.example.member.model.vo.Member"/>
    </typeAliases>
</configuration>

 

Then, when you register, you can confirm that the values have been inserted.

Logging in with the password used at registration also works.