shjung 3 éve
szülő
commit
eabfa67281
23 módosított fájl, 154 hozzáadás és 832 törlés
  1. 7 7
      src/main/java/com/its/op/controller/its/LoginController.java
  2. 20 21
      src/main/java/com/its/op/entity/its/oper/TbUserInfr.java
  3. 8 19
      src/main/java/com/its/op/interceptor/ApiHandlerInterceptor.java
  4. 1 2
      src/main/java/com/its/op/security/UserInfrVo.java
  5. 0 46
      src/main/java/com/its/op/security/WebAccessDeniedHandler.java
  6. 0 44
      src/main/java/com/its/op/security/WebAuthenticationFailureHandler.java
  7. 0 90
      src/main/java/com/its/op/security/WebAuthenticationProvider.java
  8. 0 151
      src/main/java/com/its/op/security/WebAuthenticationSuccessHandler.java
  9. 1 1
      src/main/java/com/its/op/security/WebController.java
  10. 2 2
      src/main/java/com/its/op/security/WebLoginFailureHandler.java
  11. 1 1
      src/main/java/com/its/op/security/WebLoginService.java
  12. 6 8
      src/main/java/com/its/op/security/WebLoginSuccessHandler.java
  13. 0 27
      src/main/java/com/its/op/security/WebLogoutSuccessHandler.java
  14. 9 6
      src/main/java/com/its/op/security/WebMvcConfig.java
  15. 8 11
      src/main/java/com/its/op/security/WebSecurityConfig.java
  16. 0 120
      src/main/java/com/its/op/security/WebSecurityConfigurer.java
  17. 0 29
      src/main/java/com/its/op/security/WebSessionExpiredStrategy.java
  18. 0 160
      src/main/java/com/its/op/security/WebUserDetails.java
  19. 0 27
      src/main/java/com/its/op/security/WebUserDetailsService.java
  20. 0 15
      src/main/java/com/its/op/security/WebUserLoginDto.java
  21. 0 45
      src/main/java/com/its/op/webapp/security/WebPasswordEncoder.java
  22. 68 0
      src/main/java/com/its/utils/AESUtils.java
  23. 23 0
      src/main/java/com/its/utils/StringUtils.java

+ 7 - 7
src/main/java/com/its/op/controller/its/LoginController.java

@@ -2,7 +2,7 @@ package com.its.op.controller.its;
 
 import com.its.op.dto.its.LoginDto;
 import com.its.op.service.its.LoginService;
-import com.its.op.webapp.config.WebConfig;
+import com.its.op.security.WebMvcConfig;
 import com.its.utils.CookieUtils;
 import io.swagger.annotations.Api;
 import lombok.RequiredArgsConstructor;
@@ -79,17 +79,17 @@ public class LoginController {
         String loginHms = "";
         if (cookies!= null && cookies.length > 0) {
             try {
-                encUserId = CookieUtils.getCookie(request, WebConfig.USER_UUID);
-                loginHms = CookieUtils.getCookie(request, WebConfig.USER_TIME);
+                encUserId = CookieUtils.getCookie(request, WebMvcConfig.USER_UUID);
+                loginHms = CookieUtils.getCookie(request, WebMvcConfig.USER_TIME);
             } catch (Exception e) {
                 log.error("{}", e.getMessage());
             }
         }
 
         if (!"".equals(encUserId)) {
-            String userId = WebConfig.decUserId(encUserId);
+            String userId = WebMvcConfig.decUserId(encUserId);
             LoginDto.LogoutReqDto req = LoginDto.LogoutReqDto.builder()
-                    .user_id(WebConfig.decUserId(userId))
+                    .user_id(WebMvcConfig.decUserId(userId))
                     .login_hms(loginHms)
                     .build();
             log.info("logout: {}", req.toString());
@@ -98,8 +98,8 @@ public class LoginController {
 
         Authentication auth = SecurityContextHolder.getContext().getAuthentication();
         if(auth != null) {
-            expiredCookie(response, WebConfig.USER_UUID);
-            expiredCookie(response, WebConfig.USER_TIME);
+            expiredCookie(response, WebMvcConfig.USER_UUID);
+            expiredCookie(response, WebMvcConfig.USER_TIME);
             new SecurityContextLogoutHandler().logout(request, response, auth);
         }
         return new ModelAndView("forward:/application/login/login.html");
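Review bot: The logout request is built from a doubly-decoded id: `userId` already holds `WebMvcConfig.decUserId(encUserId)` on the line above, and the builder then calls `.user_id(WebMvcConfig.decUserId(userId))` on that plaintext again, so unless decUserId happens to be a no-op on already-decoded input (its implementation is not in this diff) the logout record carries a garbled user id. The builder should take the decoded value as is: `.user_id(userId)`. The cookie `catch` in the same method logs only `e.getMessage()`, which drops the stack trace; `log.error("failed to read login cookies", e);` keeps it. The enclosing logout method starts and ends outside the hunks.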

+ 20 - 21
src/main/java/com/its/op/entity/its/oper/TbUserInfr.java

@@ -1,8 +1,7 @@
 package com.its.op.entity.its.oper;
 
 import com.its.op.dto.its.oper.TbUserInfrDto;
-import com.its.op.security.WebUserDetails;
-import com.its.op.webapp.domain.UserInfrVo;
+import com.its.op.security.UserInfrVo;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.*;
@@ -127,25 +126,25 @@ public class TbUserInfr implements Serializable {
                 .build();
     }
 
-    public WebUserDetails toUserDetails() {
-        return WebUserDetails.builder()
-                .userId(this.userId)
-                .pwd(this.pwd)
-                .name(this.name)
-                .comp(this.comp)
-                .tel(this.tel)
-                .addr(this.addr)
-                .mobile(this.mobile)
-                .emal(this.emal)
-                .delYn(this.delYn)
-                .rgstymd(this.rgstymd)
-                .crctymd(this.crctymd)
-                .hintQues(this.hintQues)
-                .hintAns(this.hintAns)
-                .gropId(this.gropId)
-                .operSystId(this.operSystId)
-                .build();
-    }
+//    public WebUserDetails toUserDetails() {
+//        return WebUserDetails.builder()
+//                .userId(this.userId)
+//                .pwd(this.pwd)
+//                .name(this.name)
+//                .comp(this.comp)
+//                .tel(this.tel)
+//                .addr(this.addr)
+//                .mobile(this.mobile)
+//                .emal(this.emal)
+//                .delYn(this.delYn)
+//                .rgstymd(this.rgstymd)
+//                .crctymd(this.crctymd)
+//                .hintQues(this.hintQues)
+//                .hintAns(this.hintAns)
+//                .gropId(this.gropId)
+//                .operSystId(this.operSystId)
+//                .build();
+//    }
 
     public TbUserInfr(String userId) {
         this.userId = userId;
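Review bot: `toUserDetails()` is replaced by a commented-out copy of its own body rather than deleted; the type it referenced, `WebUserDetails`, is removed in this same commit, so the block can never be revived by uncommenting and only goes stale. Delete the commented lines outright — the previous version is preserved in history. The rest of the `TbUserInfr` class body lies outside the hunk.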

+ 8 - 19
src/main/java/com/its/op/interceptor/ApiHandlerInterceptor.java

@@ -1,6 +1,6 @@
 package com.its.op.interceptor;
 
-import com.its.op.webapp.config.WebConfig;
+import com.its.op.security.WebMvcConfig;
 import com.its.utils.CookieUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
@@ -24,39 +24,28 @@ public class ApiHandlerInterceptor implements HandlerInterceptor {
         String userId = "";
         String loginHms = "";
         if (cookies != null && cookies.length > 0) {
-            userId = CookieUtils.getCookie(request, WebConfig.USER_UUID);
-            loginHms = CookieUtils.getCookie(request, WebConfig.USER_TIME);
+            userId = CookieUtils.getCookie(request, WebMvcConfig.USER_UUID);
+            loginHms = CookieUtils.getCookie(request, WebMvcConfig.USER_TIME);
         }
         if (userId == null || "".equals(userId)) {
         }
         else {
-            userId = WebConfig.decUserId(userId);
+            userId = WebMvcConfig.decUserId(userId);
         }
 
-        if (StringUtils.equalsIgnoreCase("GET", request.getMethod())) {
-            log.error("{}", request.getRequestURI());
-        }
-        else {
+        log.debug("START: Request URI: {}", request.getRequestURI());
+
+        if (!StringUtils.equalsIgnoreCase("GET", request.getMethod())) {
             HttpSession session = request.getSession(false);
-            log.error("{}: session: {}", request.getMethod(), session);
             if (session == null) {
-                log.error("권한이 없음. 로그인 되어 있지 않음.");
-                //response.sendRedirect("/error.html");
-                return false;
             }
-            log.error("preHandle: {}, {}", userId, loginHms);
         }
         return true;
     }
 
     @Override
     public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
-        log.error("postHandle: {}, {}, {}", request.getRequestURI(), response.toString(), handler);
-    }
-
-    @Override
-    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
-        log.error("afterCompletion: {}, {}, {}", request.getRequestURI(), response.toString(), handler);
+        log.debug("..END: Request URI: {}", request.getRequestURI());
     }
 
 }
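Review bot: The `if (session == null) { }` left in `preHandle` is an empty block: the old code returned `false` here and rejected non-GET requests that had no session, while the new code falls through and returns `true` for every request, so the interceptor no longer enforces anything. If the Spring Security filter chain configured in `WebSecurityConfig` is now the intended gate, delete the dead `getSession(false)` lookup together with the `userId`/`loginHms` values, which are computed (and `userId` decrypted) but no longer used once the removed log line is gone; if not, restore `return false;` inside the block. The preceding `if (userId == null || "".equals(userId)) { } else { ... }` with an empty first branch reads better as one positive condition, `if (userId != null && !"".equals(userId)) { userId = WebMvcConfig.decUserId(userId); }`.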

+ 1 - 2
src/main/java/com/its/op/webapp/domain/UserInfrVo.java → src/main/java/com/its/op/security/UserInfrVo.java

@@ -1,8 +1,7 @@
-package com.its.op.webapp.domain;
+package com.its.op.security;
 
 import com.its.op.dto.its.oper.TbUserInfrDto;
 import com.its.op.entity.its.oper.TbUserInfr;
-import com.its.op.webapp.security.WebPasswordEncoder;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.*;
 import lombok.extern.slf4j.Slf4j;

+ 0 - 46
src/main/java/com/its/op/security/WebAccessDeniedHandler.java

@@ -1,46 +0,0 @@
-package com.its.op.security;
-
-import lombok.Getter;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.web.access.AccessDeniedHandler;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Slf4j
-@Getter
-//@Component
-public class WebAccessDeniedHandler implements AccessDeniedHandler {
-
-    private String defaultTargetUrl;
-
-    public WebAccessDeniedHandler setDefaultTargetUrl(String defaultTargetUrl) {
-        this.defaultTargetUrl = defaultTargetUrl;
-        return this;
-    }
-
-    @Override
-    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException exception) throws IOException, ServletException {
-        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
-        response.setCharacterEncoding("UTF-8");
-
-        String ajaxHeader = request.getHeader("x-requested-with");
-
-        String msg = exception.getMessage();
-        log.info("accessDenied: {}", msg);
-
-        if (ajaxHeader != null && ajaxHeader.equals("XMLHttpRequest")) { // ajax 인 경우
-            String result = "{\"isError\" : \"true\", \"errorMsg\" : \"" + msg + "\"}";
-            response.setContentType("application/json;charset=UTF-8");
-            response.getWriter().print(result);
-            response.getWriter().flush();
-        }
-        else {
-            request.setAttribute("errorMsg", msg);
-            request.getRequestDispatcher(this.defaultTargetUrl).forward(request, response);
-        }
-    }
-}

+ 0 - 44
src/main/java/com/its/op/security/WebAuthenticationFailureHandler.java

@@ -1,44 +0,0 @@
-package com.its.op.security;
-
-import lombok.Getter;
-import lombok.Setter;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Slf4j
-@Getter
-@Setter
-//@Component
-public class WebAuthenticationFailureHandler implements AuthenticationFailureHandler {
-
-    private String defaultFailureUrl;       // 화면에 보여줄 URL(로그인 화면)
-
-    public WebAuthenticationFailureHandler() {
-        this.defaultFailureUrl = "";
-    }
-
-    @Override
-    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
-        log.error("onAuthenticationFailure: {}");
-
-        // Request 객체의 Attribute 에 사용자가 실패시 입력했던 로그인 ID와 비밀번호를 저장해두어 로그인 페이지에서 이를 접근하도록 한다
-//        String loginid = request.getParameter(loginidname);
-//        String loginpasswd = request.getParameter(loginpasswdname);
-//        String loginRedirect = request.getParameter(loginredirectname);
-//
-//        request.setAttribute(loginidname, loginid);
-//        request.setAttribute(loginpasswdname, loginpasswd);
-//        request.setAttribute(loginredirectname, loginRedirect);
-//
-//        // Request 객체의 Attribute에 예외 메시지 저장
-//        request.setAttribute(exceptionmsgname, exception.getMessage());
-//
-        request.getRequestDispatcher(defaultFailureUrl).forward(request, response);
-    }
-}

+ 0 - 90
src/main/java/com/its/op/security/WebAuthenticationProvider.java

@@ -1,90 +0,0 @@
-package com.its.op.security;
-
-import lombok.AllArgsConstructor;
-import lombok.Getter;
-import lombok.Setter;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.authentication.WebAuthenticationDetails;
-import org.springframework.util.AntPathMatcher;
-
-@Slf4j
-@Getter
-@Setter
-@AllArgsConstructor
-//@Component
-public class WebAuthenticationProvider implements AuthenticationProvider {
-
-    private final AntPathMatcher pathMatcher = new AntPathMatcher();
-    private WebUserDetailsService userDetailsService;
-    private PasswordEncoder passwordEncoder;
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        String username = authentication.getName();
-        String password = (String) authentication.getCredentials();
-        WebUserDetails user;
-        try {
-            // 사용자를 조회한다.
-            user = (WebUserDetails)this.userDetailsService.loadUserByUsername(username);
-            if (user == null || !this.passwordEncoder.matches(password, user.getPassword())) {
-                // 비밀번호 오류
-                throw new BadCredentialsException("Bad credentials");
-            }
-
-            // IP 접속체크하면 여기서 수행
-            WebAuthenticationDetails details = (WebAuthenticationDetails)authentication.getDetails();
-            log.info("Remote  IP: {}", details.getRemoteAddress());
-            log.info("Session ID: {}", details.getSessionId());
-
-//            List<ComUserAlowIp> comUserAlowIpList = securityUserDetailsService.findComUserAlowIpByUserMngtSeq(((SecurityUser)user).getComUserMngt());
-//            if (comUserAlowIpList != null && !comUserAlowIpList.isEmpty()) { // 없으면 통과
-//                pathMatcher.setPathSeparator(".");
-//                boolean isAlowIp = false;
-//                String remoteAddress = ((WebAuthenticationDetails) authentication.getDetails()).getRemoteAddress();
-//                for(ComUserAlowIp comUserAlowIp: comUserAlowIpList){
-//                    if(pathMatcher.match(comUserAlowIp.getAlowIp(), remoteAddress)){
-//                        isAlowIp = true;
-//                        break;
-//                    }
-//                }
-//
-//                if (!isAlowIp){
-//                    throw new BadCredentialsException("is Not Allow IP Address : " + remoteAddress);
-//                }
-//            }
-        }
-        catch(UsernameNotFoundException e) {
-            log.warn("UsernameNotFoundException: {}", e.getMessage());
-            throw new UsernameNotFoundException(e.getMessage());
-        }
-        catch(BadCredentialsException e) {
-            log.warn("UsernameNotFoundException: {}", e.getMessage());
-            throw new BadCredentialsException(e.getMessage());
-        }
-        catch(Exception e) {
-            log.warn("UsernameNotFoundException: {}", e.getMessage());
-            throw new RuntimeException(e.getMessage());
-        }
-
-        return new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
-    }
-
-    public void setSecurityUserDetailsService(WebUserDetailsService securityUserDetailsService) {
-        this.userDetailsService = securityUserDetailsService;
-    }
-    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
-        this.passwordEncoder = passwordEncoder;
-    }
-
-    @Override
-    public boolean supports(Class<?> auth) {
-        return auth.equals(UsernamePasswordAuthenticationToken.class);
-    }
-}

+ 0 - 151
src/main/java/com/its/op/security/WebAuthenticationSuccessHandler.java

@@ -1,151 +0,0 @@
-package com.its.op.security;
-
-import lombok.Getter;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.DefaultRedirectStrategy;
-import org.springframework.security.web.RedirectStrategy;
-import org.springframework.security.web.WebAttributes;
-import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
-import org.springframework.security.web.savedrequest.RequestCache;
-import org.springframework.security.web.savedrequest.SavedRequest;
-import org.springframework.util.StringUtils;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.io.IOException;
-
-@Slf4j
-@Getter
-//@Component
-public class WebAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
-
-    private final RequestCache requestCache = new HttpSessionRequestCache();
-    private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
-
-    private String targetUrlParameter;
-    private String defaultUrl;
-    private boolean useReferer;
-
-    public WebAuthenticationSuccessHandler() {
-        this.targetUrlParameter = "";
-        this.defaultUrl = "/";
-        this.useReferer = false;
-    }
-
-    public WebAuthenticationSuccessHandler setTargetUrlParameter(String targetUrlParameter) {
-        this.targetUrlParameter = targetUrlParameter;
-        return this;
-    }
-    public WebAuthenticationSuccessHandler setDefaultUrl(String defaultUrl) {
-        this.defaultUrl = defaultUrl;
-        return this;
-    }
-    public WebAuthenticationSuccessHandler setUseReferer(boolean useReferer) {
-        this.useReferer = useReferer;
-        return this;
-    }
-
-    @Override
-    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
-        clearAuthenticationAttributes(request);
-
-        int intRedirectStrategy = decideRedirectStrategy(request, response);
-        switch (intRedirectStrategy) {
-            case 1:
-                useTargetUrl(request, response);
-                break;
-            case 2:
-                useSessionUrl(request, response);
-                break;
-            case 3:
-                useRefererUrl(request, response);
-                break;
-            default:
-                useDefaultUrl(request, response);
-        }
-    }
-
-    private void clearAuthenticationAttributes(HttpServletRequest request) {
-        HttpSession session = request.getSession(false);
-        if (session == null) {
-            return;
-        }
-        session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
-    }
-
-    private void useTargetUrl(HttpServletRequest request, HttpServletResponse response) throws IOException {
-        SavedRequest savedRequest = this.requestCache.getRequest(request, response);
-        if (savedRequest != null) {
-            this.requestCache.removeRequest(request, response);
-        }
-        String targetUrl = request.getParameter(this.targetUrlParameter);
-        this.redirectStrategy.sendRedirect(request, response, targetUrl);
-    }
-
-    private void useSessionUrl(HttpServletRequest request, HttpServletResponse response) throws IOException {
-        SavedRequest savedRequest = this.requestCache.getRequest(request, response);
-        String targetUrl = savedRequest.getRedirectUrl();
-        this.redirectStrategy.sendRedirect(request, response, targetUrl);
-    }
-
-    private void useRefererUrl(HttpServletRequest request, HttpServletResponse response) throws IOException {
-        String targetUrl = request.getHeader("REFERER");
-        this.redirectStrategy.sendRedirect(request, response, targetUrl);
-    }
-
-    private void useDefaultUrl(HttpServletRequest request, HttpServletResponse response) throws IOException {
-        this.redirectStrategy.sendRedirect(request, response, this.defaultUrl);
-    }
-
-    /**
-     * 인증 성공후 어떤 URL 로 redirect 할지를 결정
-     * 1. targetUrlParameter 값을 읽은 URL 이 존재할
-     * 2. Spring Security 가 Session 에 저장한 URL
-     * 3. Request 의 REFERER 를 사용하고 그 REFERER URL 이 존재할 경우
-     * 4. Default URL
-     *
-     * @param request
-     * @param response
-     * @return 1 : targetUrlParameter
-     *         2 : Session 에 저장되어 있는 URL
-     *         3 : referer 헤더에 있는 url
-     *         0 : default url
-     */
-    private int decideRedirectStrategy(HttpServletRequest request, HttpServletResponse response) {
-        SavedRequest savedRequest = this.requestCache.getRequest(request, response);
-
-        if (!"".equals(this.targetUrlParameter)) {
-            String targetUrl = request.getParameter(this.targetUrlParameter);
-            if (StringUtils.hasText(targetUrl)) {
-                return 1;
-            }
-            else {
-                if (savedRequest != null) {
-                    return 2;
-                }
-                else {
-                    String refererUrl = request.getHeader("REFERER");
-                    if (useReferer && StringUtils.hasText(refererUrl)) {
-                        return 3;
-                    }
-                }
-            }
-            return 0;
-        }
-
-        if (savedRequest != null) {
-            return 2;
-        }
-
-        String refererUrl = request.getHeader("REFERER");
-        if (this.useReferer && StringUtils.hasText(refererUrl)) {
-            return 3;
-        }
-
-        return 0;
-    }
-}

+ 1 - 1
src/main/java/com/its/op/webapp/controller/WebController.java → src/main/java/com/its/op/security/WebController.java

@@ -1,4 +1,4 @@
-package com.its.op.webapp.controller;
+package com.its.op.security;
 
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;

+ 2 - 2
src/main/java/com/its/op/webapp/handler/LoginFailureHandler.java → src/main/java/com/its/op/security/WebLoginFailureHandler.java

@@ -1,4 +1,4 @@
-package com.its.op.webapp.handler;
+package com.its.op.security;
 
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.*;
@@ -15,7 +15,7 @@ import java.io.IOException;
 
 @Slf4j
 @Service
-public class LoginFailureHandler implements AuthenticationFailureHandler {
+public class WebLoginFailureHandler implements AuthenticationFailureHandler {
 
     @Override
     public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {

+ 1 - 1
src/main/java/com/its/op/webapp/service/WebLoginService.java → src/main/java/com/its/op/security/WebLoginService.java

@@ -1,4 +1,4 @@
-package com.its.op.webapp.service;
+package com.its.op.security;
 
 import com.its.op.entity.its.oper.TbUserInfr;
 import com.its.op.dao.repository.its.oper.TbUserCnncHsRepository;

+ 6 - 8
src/main/java/com/its/op/webapp/handler/LoginSuccessHandler.java → src/main/java/com/its/op/security/WebLoginSuccessHandler.java

@@ -1,9 +1,7 @@
-package com.its.op.webapp.handler;
+package com.its.op.security;
 
 import com.its.op.dao.repository.its.oper.TbUserCnncHsRepository;
 import com.its.op.entity.its.oper.TbUserCnncHs;
-import com.its.op.webapp.config.WebConfig;
-import com.its.op.webapp.domain.UserInfrVo;
 import com.its.utils.CookieUtils;
 import com.its.utils.ItsUtils;
 import lombok.AllArgsConstructor;
@@ -27,7 +25,7 @@ import java.util.List;
 @Slf4j
 @AllArgsConstructor
 @Service
-public class LoginSuccessHandler implements AuthenticationSuccessHandler {
+public class WebLoginSuccessHandler implements AuthenticationSuccessHandler {
 
     private final TbUserCnncHsRepository cnncHsRepo;
 
@@ -66,11 +64,11 @@ public class LoginSuccessHandler implements AuthenticationSuccessHandler {
 
         log.info("cnncHs: {}, {}", cnncHs.getUserId(), cnncHs.getLoginHms());
 
-        request.getSession().setAttribute(WebConfig.USER_UUID, WebConfig.encUserId(cnncHs.getUserId()));
-        request.getSession().setAttribute(WebConfig.USER_TIME, cnncHs.getLoginHms());
+        request.getSession().setAttribute(WebMvcConfig.USER_UUID, WebMvcConfig.encUserId(cnncHs.getUserId()));
+        request.getSession().setAttribute(WebMvcConfig.USER_TIME, cnncHs.getLoginHms());
         try {
-            CookieUtils.setCookie(response, WebConfig.USER_UUID, WebConfig.encUserId(cnncHs.getUserId()), 60*60);
-            CookieUtils.setCookie(response, WebConfig.USER_TIME, cnncHs.getLoginHms(), 60*60);
+            CookieUtils.setCookie(response, WebMvcConfig.USER_UUID, WebMvcConfig.encUserId(cnncHs.getUserId()), 60*60);
+            CookieUtils.setCookie(response, WebMvcConfig.USER_TIME, cnncHs.getLoginHms(), 60*60);
         } catch (Exception e) {
             log.error("{}", e.getMessage());
         }
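Review bot: `WebMvcConfig.encUserId(cnncHs.getUserId())` is evaluated twice in this hunk, once for the session attribute and once for the cookie; compute it once, `String encUserId = WebMvcConfig.encUserId(cnncHs.getUserId());`, and reuse it so both carriers are guaranteed to hold the same value. The `catch (Exception e)` logs only `e.getMessage()`, losing the stack trace — `log.error("failed to set login cookies", e);` keeps it. Whether `CookieUtils.setCookie` marks the UUID cookie HttpOnly (and Secure when served over TLS) is not visible here and is worth confirming, since `ApiHandlerInterceptor` and `LoginController` read the user id back from that cookie. The enclosing `onAuthenticationSuccess` begins outside the hunk.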

+ 0 - 27
src/main/java/com/its/op/security/WebLogoutSuccessHandler.java

@@ -1,27 +0,0 @@
-package com.its.op.security;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Slf4j
-//@Component
-public class WebLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
-
-    public WebLogoutSuccessHandler setDefTargetUrl(String defaultTargetUrl){
-        this.setDefaultTargetUrl(defaultTargetUrl);
-        return this;
-    }
-
-    @Override
-    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
-        log.info("onLogoutSuccess: {}", request);
-        super.handle(request, response, authentication);
-    }
-
-}

+ 9 - 6
src/main/java/com/its/op/webapp/config/WebConfig.java → src/main/java/com/its/op/security/WebMvcConfig.java

@@ -1,16 +1,13 @@
-package com.its.op.webapp.config;
+package com.its.op.security;
 
 import com.its.op.interceptor.ApiHandlerInterceptor;
 import lombok.AllArgsConstructor;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.config.annotation.*;
 
 @AllArgsConstructor
 @Configuration
-public class WebConfig implements WebMvcConfigurer {
+public class WebMvcConfig implements WebMvcConfigurer {
 
     public static final String USER_UUID = "UUID";
     public static final String USER_TIME = "TIME";
@@ -39,6 +36,12 @@ public class WebConfig implements WebMvcConfigurer {
                 .maxAge(3600)                                   // 브라우저 캐시 시간(단위: 초) : "3600" 이면 최소 1시간 안에는 서버로 재요청 되지 않음
         ;
     }
+
+//    @Override
+//    public void addViewControllers(ViewControllerRegistry registry) {
+//        //registry.addRedirectViewController("/", "/api/auth/login.do");
+//    }
+
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
 //        registry.addResourceHandler("swagger-ui.html")
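Review bot: The four explicit `org.springframework.web.servlet.config.annotation` imports are collapsed into a wildcard import, and an `addViewControllers` override is added fully commented out; both go against the file's otherwise explicit import style and leave dead text in a configuration class. Keep the explicit imports, adding `ViewControllerRegistry` only when the override is actually implemented, and drop the commented-out method until it is needed. The CORS and resource-handler setup of `WebMvcConfig` lies outside the hunks.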

+ 8 - 11
src/main/java/com/its/op/webapp/config/WebSecurityConfig.java → src/main/java/com/its/op/security/WebSecurityConfig.java

@@ -1,9 +1,5 @@
-package com.its.op.webapp.config;
+package com.its.op.security;
 
-import com.its.op.webapp.handler.LoginFailureHandler;
-import com.its.op.webapp.handler.LoginSuccessHandler;
-import com.its.op.webapp.security.WebPasswordEncoder;
-import com.its.op.webapp.service.WebLoginService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
 import org.springframework.context.annotation.Bean;
@@ -28,11 +24,12 @@ import org.springframework.security.web.session.HttpSessionEventPublisher;
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     private final WebLoginService loginService;
-    private final LoginSuccessHandler loginSuccessHandler;
-    private final LoginFailureHandler loginFailureHandler;
+    private final WebLoginSuccessHandler webLoginSuccessHandler;
+    private final WebLoginFailureHandler webLoginFailureHandler;
 
     @Override
     public void configure(WebSecurity web) {
+        web.ignoring().antMatchers("/favicon.ico");
         // static 디렉터리의 하위 파일 목록은 인증 무시 ( = 항상통과 )
         web.ignoring().antMatchers("/js/**", "/images/**", "/libs/**", "/css/**", "/application/fonts/**");
         //web.ignoring().requestMatchers(PathRequest.toStaticResources().atCommonLocations());    // 정적 리소스 접근 가능하게
@@ -68,15 +65,15 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .defaultSuccessUrl("/application/op/00.main/main.html", true)
                 .usernameParameter("username")
                 .passwordParameter("password")
-                .successHandler(this.loginSuccessHandler)
-                .failureHandler(this.loginFailureHandler)
+                .successHandler(this.webLoginSuccessHandler)
+                .failureHandler(this.webLoginFailureHandler)
                 .permitAll()
                 .and()
             .logout()
                 .invalidateHttpSession(true)
                 .deleteCookies("JSESSIONID")
-                .deleteCookies(WebConfig.USER_UUID)
-                .deleteCookies(WebConfig.USER_TIME)
+                .deleteCookies(WebMvcConfig.USER_UUID)
+                .deleteCookies(WebMvcConfig.USER_TIME)
                 .logoutSuccessUrl("/api/auth/login.do").permitAll()
                 .and()
             .sessionManagement()
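Review bot: The new `web.ignoring().antMatchers("/favicon.ico")` is a second, separate `ignoring()` call placed right above the existing one for static paths; folding it into the same matcher list, `web.ignoring().antMatchers("/favicon.ico", "/js/**", "/images/**", "/libs/**", "/css/**", "/application/fonts/**");`, keeps the complete bypass list in one place, which is worth preserving because `ignoring()` takes these paths out of the security filter chain entirely. In the second hunk the three consecutive `deleteCookies` calls can likewise become one varargs call, `.deleteCookies("JSESSIONID", WebMvcConfig.USER_UUID, WebMvcConfig.USER_TIME)`. The `configure(HttpSecurity)` chain continues past the end of the hunk.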

+ 0 - 120
src/main/java/com/its/op/security/WebSecurityConfigurer.java

@@ -1,120 +0,0 @@
-package com.its.op.security;
-
-import com.its.op.webapp.security.WebPasswordEncoder;
-import lombok.AllArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-
-@Slf4j
-@AllArgsConstructor
-//@EnableWebSecurity
-public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
-
-    private final WebAuthenticationSuccessHandler authenticationSuccessHandler;
-    private final WebAuthenticationFailureHandler authenticationFailureHandler;
-    private final WebLogoutSuccessHandler logoutSuccessHandler;
-    private final WebAccessDeniedHandler accessDeniedHandler;
-    private final WebSessionExpiredStrategy sessionExpiredStrategy;
-    private final WebUserDetailsService userDetailsService;
-    private final WebAuthenticationProvider authenticationProvider;
-    //private UserService userService;
-
-    @Override
-    public void configure(WebSecurity web) throws Exception {
-        // static 디렉터리의 하위 파일 목록은 인증 무시 ( = 항상통과 )
-        web.ignoring().antMatchers("/js/**", "/images/**", "/libs/**", "/css/**", "/application/fonts/**");
-        //web.ignoring().requestMatchers(PathRequest.toStaticResources().atCommonLocations());    // 정적 리소스 접근 가능하게
-        web.ignoring().antMatchers(HttpMethod.GET, "/api/**");  // GET Method 는 모두 통과
-    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-
-        http.formLogin()
-                .loginPage("/login_form.html").permitAll() // 로그인 페이지
-                .loginProcessingUrl("/auth") // 로그인 처리 URL
-                .usernameParameter("loginid").passwordParameter("passwd")
-                .successHandler(this.authenticationSuccessHandler.setDefaultUrl("/dashboard/main.html"))
-                .failureHandler(this.authenticationFailureHandler)
-                .and();
-
-        http.logout()
-                .logoutRequestMatcher(new AntPathRequestMatcher("/common/logout.html"))// 로그아웃 URL
-                .logoutSuccessHandler(this.logoutSuccessHandler.setDefTargetUrl(("/login_form.html")))
-                .clearAuthentication(true)
-                .invalidateHttpSession(true).and();
-
-        http.exceptionHandling()
-                .accessDeniedHandler(accessDeniedHandler.setDefaultTargetUrl("/caution/access_denied.html")).and(); // 불량 접근 처리
-
-        Collection<Matcher> matchers = getAuthUrlAndRoles();
-        for(Matcher matcher : matchers){
-            http.authorizeRequests().antMatchers(matcher.url).access(matcher.roles);
-        }
-        http.authorizeRequests().anyRequest().authenticated().and();
-
-        http.sessionManagement()
-                .maximumSessions(1)  // 같은 아이디로 1명만 로그인 할 수 있음
-                .maxSessionsPreventsLogin(false) // 신규 로그인 사용자의 로그인이 허용되고, 기존 사용자는 세션아웃 됨
-                .expiredSessionStrategy(this.sessionExpiredStrategy.setDefaultUrl("/caution/session_out.html"))
-                .and();
-    }
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        this.authenticationProvider.setSecurityUserDetailsService(this.userDetailsService);
-        this.authenticationProvider.setPasswordEncoder(passwordEncoder());
-        auth.authenticationProvider(this.authenticationProvider);
-    }
-
-    //@Bean
-    public PasswordEncoder passwordEncoder() {
-        return new WebPasswordEncoder();
-    }
-
-    private Collection<Matcher> getAuthUrlAndRoles(){
-        Collection <Matcher> matchers = new ArrayList<>();
-//        List<ComMenuMngt> comMenuMngtList = userService.findAllComMenuMngtAndAuthGrpMngt();
-//
-//        for(ComMenuMngt comMenuMgt : comMenuMngtList){
-//            Matcher matcher = new Matcher();
-//            String menuUrl = comMenuMgt.getMenuUrl();
-//            matcher.url = menuUrl.substring(0, menuUrl.lastIndexOf("/")) + "/**";
-//            StringBuilder sb = null;
-//
-//            if(comMenuMgt.getComAuthGrpMenuMaps() == null) continue;
-//            if(comMenuMgt.getComAuthGrpMenuMaps().size() > 1){
-//                for(ComAuthGrpMenuMap comAuthGrpMenuMap : comMenuMgt.getComAuthGrpMenuMaps()){
-//                    if(sb == null){
-//                        sb = new StringBuilder("hasAnyRole('ROLE_G").append(comAuthGrpMenuMap.getComAuthGrpMngt().getAuthGrpMngtSeq()).append("'");
-//                    }else{
-//                        sb.append(" ,'ROLE_G").append(comAuthGrpMenuMap.getComAuthGrpMngt().getAuthGrpMngtSeq()).append("'");
-//                    }
-//                }
-//                sb.append(")");
-//            }else{
-//                sb = new StringBuilder("hasRole('ROLE_G").append(comMenuMgt.getComAuthGrpMenuMaps().get(0).getComAuthGrpMngt().getAuthGrpMngtSeq()).append("')");
-//            }
-//
-//            matcher.roles = sb.toString();
-//            matchers.add(matcher);
-//        }
-
-        return Collections.unmodifiableCollection(matchers);
-    }
-
-    class Matcher {
-        String url;
-        String roles;
-    }
-}

+ 0 - 29
src/main/java/com/its/op/security/WebSessionExpiredStrategy.java

@@ -1,29 +0,0 @@
-package com.its.op.security;
-
-import lombok.Getter;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.web.session.SessionInformationExpiredEvent;
-import org.springframework.security.web.session.SessionInformationExpiredStrategy;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Slf4j
-@Getter
-//@Component
-public class WebSessionExpiredStrategy implements SessionInformationExpiredStrategy {
-
-    private String defaultUrl;
-
-    public WebSessionExpiredStrategy setDefaultUrl(String defaultUrl) {
-        this.defaultUrl = defaultUrl;
-        return this;
-    }
-
-    @Override
-    public void onExpiredSessionDetected(SessionInformationExpiredEvent event) throws IOException, ServletException {
-        HttpServletResponse response = event.getResponse();
-        response.sendRedirect(this.defaultUrl);
-    }
-}

+ 0 - 160
src/main/java/com/its/op/security/WebUserDetails.java

@@ -1,160 +0,0 @@
-package com.its.op.security;
-
-import com.its.op.dto.its.oper.TbUserInfrDto;
-import com.its.op.entity.its.oper.TbUserInfr;
-import com.its.op.webapp.security.WebPasswordEncoder;
-import io.swagger.annotations.ApiModelProperty;
-import lombok.*;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.StringUtils;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
-
-/**
- * 사용자정보 Entity Class
- */
-@Slf4j
-@Data
-@NoArgsConstructor(access = AccessLevel.PROTECTED)
-@Builder
-@AllArgsConstructor
-public class WebUserDetails implements UserDetails {
-    private static final long serialVersionUID = 1L;
-
-    @ApiModelProperty("사용자ID")  // N VARCHAR(20)
-    private String userId;
-    @ApiModelProperty("암호")  // Y VARCHAR(64)
-    private String pwd;
-    @ApiModelProperty("성명")  // Y VARCHAR(30)
-    private String name;
-    @ApiModelProperty("회사")  // Y VARCHAR(50)
-    private String comp;
-    @ApiModelProperty("전화번호")  // Y VARCHAR(128)
-    private String tel;
-    @ApiModelProperty("주소")  // Y VARCHAR(200)
-    private String addr;
-    @ApiModelProperty("이동전화")  // Y VARCHAR(128)
-    private String mobile;
-    @ApiModelProperty("이메일")  // Y VARCHAR(128)
-    private String emal;
-    @ApiModelProperty("삭제 여부")  // Y CHAR(1)
-    private String delYn;
-
-    @ApiModelProperty("등록일자")  // Y VARCHAR(14)
-    private String rgstymd;
-    @ApiModelProperty("수정일자")  // Y VARCHAR(14)
-    private String crctymd;
-
-    @ApiModelProperty("힌트질문")  // Y VARCHAR(7)
-    private String hintQues;
-    @ApiModelProperty("힌트질문답")  // Y VARCHAR(100)
-    private String hintAns;
-
-    @ApiModelProperty("그룹ID")  // Y VARCHAR(30)
-    private String gropId;
-    @ApiModelProperty("운영시스템ID")  // Y VARCHAR(30)
-    private String operSystId;
-
-    public TbUserInfrDto toDto() {
-        return TbUserInfrDto.builder()
-                .userId(this.userId)
-                .pwd(this.pwd)
-                .name(this.name)
-                .comp(this.comp)
-                .tel(this.tel)
-                .addr(this.addr)
-                .mobile(this.mobile)
-                .emal(this.emal)
-                .delYn(this.delYn)
-                .rgstymd(this.rgstymd)
-                .crctymd(this.crctymd)
-                .hintQues(this.hintQues)
-                .hintAns(this.hintAns)
-                .gropId(this.gropId)
-                .operSystId(this.operSystId)
-                .build();
-    }
-    public TbUserInfr toEntity() {
-        return TbUserInfr.builder()
-                .userId(this.userId)
-                .pwd(this.pwd)
-                .name(this.name)
-                .comp(this.comp)
-                .tel(this.tel)
-                .addr(this.addr)
-                .mobile(this.mobile)
-                .emal(this.emal)
-                .delYn(this.delYn)
-                .rgstymd(this.rgstymd)
-                .crctymd(this.crctymd)
-                .hintQues(this.hintQues)
-                .hintAns(this.hintAns)
-                .gropId(this.gropId)
-                .operSystId(this.operSystId)
-                .build();
-    }
-
-    @Override
-    public Collection<? extends GrantedAuthority> getAuthorities() {
-        Set<GrantedAuthority> roles = new HashSet<GrantedAuthority>();
-        if (StringUtils.equalsIgnoreCase("GROPMANAGER", this.gropId)) {
-            roles.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
-        }
-        else if (StringUtils.equalsIgnoreCase("GROPSYSOP", this.gropId)) {
-            roles.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
-        }
-        else {
-            roles.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
-        }
-        log.error("getAuthorities: {}", roles.toString());
-        return roles;
-    }
-
-    @Override
-    public String getPassword() {
-        log.error("getPassword: {}", this.pwd);
-        WebPasswordEncoder be = new WebPasswordEncoder();
-        String pwd = be.encode(this.pwd);
-        log.error("getPassword: {}, encoded.", this.pwd);
-        return pwd;
-    }
-
-    @Override
-    public String getUsername() {
-//        log.error("{}", Thread.currentThread().getStackTrace()[0].toString());
-//        log.error("{}", Thread.currentThread().getStackTrace()[1].toString());
-//        log.error("{}", Thread.currentThread().getStackTrace()[2].toString());
-//        log.error("{}", Thread.currentThread().getStackTrace()[3].toString());
-        log.error("getUsername: {}, {}.{}", this.userId, Thread.currentThread().getStackTrace()[2].getClassName(), Thread.currentThread().getStackTrace()[2].getMethodName());
-        return this.userId;
-    }
-
-    @Override
-    public boolean isAccountNonExpired() {
-        log.error("isAccountNonExpired");
-        return true;
-    }
-
-    @Override
-    public boolean isAccountNonLocked() {
-        log.error("isAccountNonLocked");
-        return true;
-    }
-
-    @Override
-    public boolean isCredentialsNonExpired() {
-        log.error("isCredentialsNonExpired");
-        return true;
-    }
-
-    @Override
-    public boolean isEnabled() {
-        log.error("isEnabled: {}", StringUtils.equalsIgnoreCase("N", this.delYn));
-        return StringUtils.equalsIgnoreCase("N", this.delYn);
-    }
-}

+ 0 - 27
src/main/java/com/its/op/security/WebUserDetailsService.java

@@ -1,27 +0,0 @@
-package com.its.op.security;
-
-import com.its.op.dao.repository.its.oper.TbUserInfrRepository;
-import com.its.op.entity.its.oper.TbUserInfr;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-
-import java.util.Optional;
-
-@Slf4j
-//@Service
-@RequiredArgsConstructor
-public class WebUserDetailsService implements UserDetailsService {
-
-    private final TbUserInfrRepository userRepo;
-
-    @Override
-    public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException {
-        log.info("loadUserByUsername: {}", userId);
-        Optional<TbUserInfr> optUserInfr = this.userRepo.findById(userId);
-        TbUserInfr userInfr = optUserInfr.orElseThrow(() -> new UsernameNotFoundException(userId + " 을(를) 찾을 수 없습니다."));
-        return userInfr.toUserDetails();
-    }
-}

+ 0 - 15
src/main/java/com/its/op/security/WebUserLoginDto.java

@@ -1,15 +0,0 @@
-package com.its.op.security;
-
-import lombok.Builder;
-import lombok.Data;
-
-import java.io.Serializable;
-
-@Data
-@Builder
-public class WebUserLoginDto implements Serializable {
-    private static final long serialVersionUID = 1L;
-
-    private String username;
-    private String password;
-}

+ 0 - 45
src/main/java/com/its/op/webapp/security/WebPasswordEncoder.java

@@ -1,45 +0,0 @@
-package com.its.op.webapp.security;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.StringUtils;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-@Slf4j
-public class WebPasswordEncoder implements PasswordEncoder {
-
-    @Override
-    public String encode(CharSequence rawPassword) {
-        // UserInfrVo 의 비밀번호(DB 에서 조회한 비밀번호)
-        if (rawPassword == null) {
-            throw new IllegalArgumentException("rawPassword cannot be null");
-        }
-        log.error("encode: {}", rawPassword.toString());
-        return rawPassword.toString();
-    }
-
-    @Override
-    public boolean matches(CharSequence rawPassword, String encodedPassword) {
-        // 사용자가 입력한 비밀번호: rawPassword
-        // UserDetails.getPassword : encodedPassword
-        if (rawPassword == null) {
-            throw new IllegalArgumentException("rawPassword cannot be null");
-        }
-
-        if (encodedPassword == null || encodedPassword.length() == 0) {
-            log.warn("Empty encoded password");
-            return false;
-        }
-        log.error("matches: {}, {}, {}", rawPassword.toString(), encodedPassword, StringUtils.equals(rawPassword.toString(), encodedPassword));
-        return StringUtils.equals(rawPassword.toString(), encodedPassword);
-    }
-
-    @Override
-    public boolean upgradeEncoding(String encodedPassword) {
-        log.error("upgradeEncoding: {}", encodedPassword);
-        if (encodedPassword == null || encodedPassword.length() == 0) {
-            log.warn("Empty encoded password");
-            return false;
-        }
-        return true;
-    }
-}

+ 68 - 0
src/main/java/com/its/utils/AESUtils.java

@@ -0,0 +1,68 @@
+package com.its.utils;
+
+import org.springframework.util.Base64Utils;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.security.*;
+
+public class AESUtils {
+    private final String ALGORITHM = "AES/CBC/PKCS5PADDING";
+    private final String KEY = "its-op-key";
+    private String iv;
+
+    public String encrypt(String data) {
+        try {
+            Cipher cipher = Cipher.getInstance(ALGORITHM);
+            cipher.init(Cipher.ENCRYPT_MODE, createKeySpec(), createIvSpec());
+            byte[] encryptData = cipher.doFinal(data.getBytes(StandardCharsets.UTF_8));
+            return iv + Base64Utils.encodeToString(encryptData);
+        } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException e) {
+            throw new RuntimeException("encrypt fail : " + e.getMessage());
+        }
+    }
+
+    public String decrypt(String data) {
+        String ivStr = data.substring(0,16);
+        String content = data.substring(16);
+        byte[] dataBytes = Base64Utils.decodeFromString(content);
+
+        try {
+            Cipher cipher = Cipher.getInstance(ALGORITHM);
+            cipher.init(Cipher.DECRYPT_MODE, createKeySpec(), new IvParameterSpec(ivStr.getBytes(StandardCharsets.UTF_8)));
+            byte[] original = cipher.doFinal(dataBytes);
+            return new String(original, StandardCharsets.UTF_8);
+        } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException |
+                 InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException e) {
+            throw new RuntimeException("decrypt fail : " + e.getMessage());
+        }
+    }
+
+    private IvParameterSpec createIvSpec() {
+        try {
+            String iv = StringUtils.randomStr(16);
+            this.iv = iv;
+            return new IvParameterSpec(iv.getBytes(StandardCharsets.UTF_8));
+        } catch (Exception e) {
+            throw new RuntimeException("createIvSpec fail : " +  e.getMessage());
+        }
+
+    }
+
+    private Key createKeySpec() {
+        try {
+            MessageDigest digest = MessageDigest.getInstance("SHA-256");
+            byte[] hashBytes = digest.digest(KEY.getBytes(StandardCharsets.UTF_8));
+            return new SecretKeySpec(hashBytes, "AES");
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException("createKeySpec fail : " + e.getMessage());
+        }
+    }
+
+
+}
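Review bot: The IV in `createIvSpec()` comes from `StringUtils.randomStr(16)`, which draws from `java.util.Random` over an alphanumeric alphabet, so the IV is neither unpredictable nor a full 128 bits, and stashing it in the `iv` field makes a shared `AESUtils` instance unsafe under concurrent `encrypt` calls (one call can emit another call's IV). Generate 16 raw bytes from a `SecureRandom` into a local, prepend them to the ciphertext before Base64, and split them back off in `decrypt` — the rewrite below; as this is a new file no stored ciphertext depends on the old `iv + base64` layout yet, but callers persisting the output should know the format changed. The key is derived from the literal `KEY = "its-op-key"`, so anyone holding the jar can recover the key; it should be injected from configuration or a secret store rather than compiled in. The `catch` blocks rethrow with only `e.getMessage()` and drop the cause — pass `e` as the second constructor argument. CBC with PKCS5 padding gives no integrity check; if the ciphertext is ever read back from an untrusted source (cookie, request parameter), `AES/GCM/NoPadding` would be the safer mode.
```java
private static final SecureRandom RNG = new SecureRandom();
private static final int IV_LEN = 16;

public String encrypt(String data) {
    byte[] iv = new byte[IV_LEN];
    RNG.nextBytes(iv);                       // fresh, local IV per call
    try {
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, createKeySpec(), new IvParameterSpec(iv));
        byte[] encryptData = cipher.doFinal(data.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[IV_LEN + encryptData.length];
        System.arraycopy(iv, 0, out, 0, IV_LEN);
        System.arraycopy(encryptData, 0, out, IV_LEN, encryptData.length);
        return Base64Utils.encodeToString(out);
    } catch (GeneralSecurityException e) {
        throw new IllegalStateException("encrypt fail", e);   // keep the cause
    }
}

public String decrypt(String data) {
    byte[] all = Base64Utils.decodeFromString(data);
    if (all.length < IV_LEN) {
        throw new IllegalArgumentException("ciphertext too short");
    }
    byte[] iv = Arrays.copyOfRange(all, 0, IV_LEN);
    byte[] dataBytes = Arrays.copyOfRange(all, IV_LEN, all.length);
    // … unchanged: Cipher.getInstance / init(DECRYPT_MODE, createKeySpec(), new IvParameterSpec(iv)) / doFinal …
}
// createIvSpec() and the iv field are no longer needed
```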

+ 23 - 0
src/main/java/com/its/utils/StringUtils.java

@@ -2,10 +2,33 @@ package com.its.utils;
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Random;
 import java.util.StringTokenizer;
 
 public class StringUtils {
 
+    public static String randomStr(int length) {
+        Random random = new Random();
+        StringBuilder str = new StringBuilder();
+        for (int ii = 0; ii < length; ii++) {
+            int choice = random.nextInt(3);
+            switch(choice) {
+                case 0:
+                    str.append((char)(random.nextInt(25)+97));
+                    break;
+                case 1:
+                    str.append((char)(random.nextInt(25) +65));
+                    break;
+                case 2:
+                    str.append((char)(random.nextInt(10) +48));
+                    break;
+                default:
+                    break;
+            }
+        }
+        return str.toString();
+    }
+
     public static List<String> split(String value, String delim) {
 
         List<String> list = new ArrayList<String>();
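Review bot: `random.nextInt(25)+97` and `random.nextInt(25)+65` in `randomStr` only cover `a`–`y` and `A`–`Y`; `z` and `Z` are never produced, so both should be `random.nextInt(26)`. Because `AESUtils.createIvSpec` uses this method to build a cipher IV, the `Random` here should be a `SecureRandom` held in a `static final` field, or the method's Javadoc should state that its output is not suitable for security purposes. The `default:` branch is unreachable given `nextInt(3)` and can be dropped.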