prePostEnabled = true #7
Description
prePostEnable = true의 의미는 @PreAuthorize, @PostAuthorize 어노테이션의 사용을
허용하는 옵션이다.
이 어노테이션을 활성화 시키기 위해서는 아래에 SecurityConfig 설정에서 @EnableGlobalMethodSecurity(prePostEnabled = true) 어노테이션을 사용해야 한다.
SecurityConfig
package org.example.global.config.security;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@EnableWebSecurity(debug = true)
**@EnableGlobalMethodSecurity(prePostEnabled = true) // @PreAuthorize를 사용하기 위해**
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// SecurityConfig에서 필터 체인을 설정합니다
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication() // 임시로 사용할 유저를 생성합니다
.withUser(User.builder()
.username("user1")
.password(passwordEncoder().encode("1234"))
.roles("USER")
).withUser(User.builder()
.username("admin")
.password(passwordEncoder().encode("1234"))
.roles("ADMIN"))
;
}
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
}
}