728x90
반응형
전자정부 시큐리티 관련 설정 파일입니다.
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:egov-security="http://www.egovframe.go.kr/schema/egov-security"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
http://www.egovframe.go.kr/schema/egov-security http://www.egovframe.go.kr/schema/egov-security/egov-security-3.7.xsd">
<!--
수정일 수정자 수정내용
========= ======= =================================================
2011.09.07 서준식 일반, 업무사용자의 경우 조직아이디가 없어 로그인이 안되던 문제 수정(SQL 수정)
2011.09.25 서준식 usersByUsernameQuery 쿼리의 조직 아이디 비교 부분 오류 수정 > alias 추가
2014.06.13 Vincent Han 표준프레임워크 3.0 적용 (간소화 설정 사용)
2017.07.10 장동한 실행행환경 v3.7 적용[보안기능 추가(sniff, xFrameOptions, xssProtection csrf)]
2018.10.26 신용호 실행행환경 v3.8 적용
-->
<security:http pattern="/common/**" security="none"/>
<security:http pattern="/css/**" security="none"/>
<security:http pattern="/html/**" security="none"/>
<security:http pattern="/fonts/**" security="none"/>
<security:http pattern="/img/**" security="none"/>
<security:http pattern="/images/**" security="none"/>
<security:http pattern="/js/**" security="none"/>
<security:http pattern="/resource/**" security="none"/>
<security:http pattern="/portal/css/**" security="none"/>
<security:http pattern="/portal/images/**" security="none"/>
<security:http pattern="/portal/img/**" security="none"/>
<security:http pattern="/portal/js/**" security="none"/>
<security:http pattern="/mobile/css/**" security="none"/>
<security:http pattern="/mobile/images/**" security="none"/>
<security:http pattern="/mobile/js/**" security="none"/>
<security:http pattern="\A/WEB-INF/jsp/.*\Z" request-matcher="regex" security="none"/>
<egov-security:config id="securityConfig"
loginUrl="${Globals.web.loginUrl}"
logoutSuccessUrl="${Globals.web.loginUrl}"
loginFailureUrl="${Globals.web.loginUrl}"
accessDeniedUrl="${Globals.web.accessDeniedUrl}"
dataSource="egov.postgreDataSource"
jdbcUsersByUsernameQuery=" SELECT a.LGN_ID AS USER_ID,
a.LGN_ID as PASSWORD,
a.USER_NM,
1 ENABLED,
a.BLNG_INSTT_CD,
b.AUTHOR_CODE,
b.INSTT_ENTRPS_SE,
b.INSTT_ENTRPS_MNO,
b.INSTT_ENTRPS_CL_CODE,
DECODE(b.INSTT_ENTRPS_MNO,'00','농림축산식품부', NVL(F_GET_INSTT_ENTRPS_NAME(b.INSTT_ENTRPS_MNO),' ')) AS INSTT_ENTRPS_MNO_NM,
c.AUTHOR_NM
FROM NAQSCOM.NCOM_ID_MSTR a,
TN_USER_INSTT_ENTRPS_R b,
COMTNAUTHORINFO c
WHERE a.LGN_ID = B.USER_ID
AND b.author_code = c.author_code
AND a.EFTV_YN = 'Y'
AND b.DEL_YN = 'N'
AND b.USE_YN = 'Y'
AND CONCAT(LGN_ID,b.AUTHOR_CODE) = ?
AND ROWNUM = 1"
jdbcAuthoritiesByUsernameQuery=" SELECT
A.LGN_ID USER_ID,
B.AUTHOR_CODE AS AUTHORITY
FROM NAQSCOM.NCOM_ID_MSTR A, TN_USER_INSTT_ENTRPS_R B
WHERE A.LGN_ID = B.USER_ID
AND CONCAT(A.LGN_ID,b.AUTHOR_CODE) = ?
AND b.DEL_YN = 'N'
AND b.USE_YN = 'Y'
AND A.EFTV_YN = 'Y'
AND ROWNUM = 1"
jdbcMapClass="egovframework.com.sec.security.common.EgovSessionMapping"
requestMatcherType="regex"
hash="plaintext"
hashBase64="false"
concurrentMaxSessons="999"
concurrentExpiredUrl="${Globals.web.concurrentExpiredUrl}"
defaultTargetUrl="${Globals.web.loginSuccessUrl}"
sniff="true"
xframeOptions="SAMEORIGIN"
xssProtection="true"
csrf="false"
/>
<egov-security:secured-object-config id="securedObjectConfig"
sqlHierarchicalRoles="
SELECT a.CHLDRN_ROLE AS child
, a.PARNTS_ROLE AS parent
FROM COMTNROLES_HIERARCHY a LEFT JOIN COMTNROLES_HIERARCHY b on (a.CHLDRN_ROLE = b.PARNTS_ROLE)
ORDER BY a.CHLDRN_ROLE"
sqlRolesAndUrl="
SELECT a.ROLE_PTTRN url, b.AUTHOR_CODE authority
FROM COMTNROLEINFO a, COMTNAUTHORROLERELATE b
WHERE a.ROLE_CODE = b.ROLE_CODE
AND a.ROLE_TY = 'url' ORDER BY a.ROLE_SORT"
sqlRolesAndMethod="
SELECT a.ROLE_PTTRN as method, b.AUTHOR_CODE as authority
FROM COMTNROLEINFO a, COMTNAUTHORROLERELATE b
WHERE a.ROLE_CODE = b.ROLE_CODE
AND a.ROLE_TY = 'method' ORDER BY a.ROLE_SORT
"
sqlRolesAndPointcut="
SELECT a.ROLE_PTTRN AS pointcut, b.AUTHOR_CODE AS authority
FROM COMTNROLEINFO a, COMTNAUTHORROLERELATE b
WHERE a.ROLE_CODE = b.ROLE_CODE
AND a.ROLE_TY = 'pointcut' ORDER BY a.ROLE_SORT"
sqlRegexMatchedRequestMapping="
SELECT a.ROLE_PTTRN AS uri, b.AUTHOR_CODE AS authority
FROM COMTNROLEINFO a, COMTNAUTHORROLERELATE b
WHERE a.ROLE_CODE = b.ROLE_CODE
AND a.ROLE_TY = 'regex'
ORDER BY a.ROLE_SORT"
/>
<egov-security:initializer id="initializer" supportMethod="true" supportPointcut="false" />
<!-- URL에 세미콜론(semicolon)허용 여부(기본값/false) -->
<!--
<bean id="egovStrictHttpFirewall" class="org.springframework.security.web.firewall.StrictHttpFirewall">
<property name="allowSemicolon" value="true"/>
</bean>
<security:http-firewall ref="egovStrictHttpFirewall"/>
-->
<bean id="exceptionTranslationFilter" class="egovframework.com.sec.security.filter.CustomFilter"/>
</beans>
728x90
반응형
'프로그램 > JPA' 카테고리의 다른 글
| mapper-config.xml (0) | 2021.07.02 |
|---|---|
| context-transaction.xml (0) | 2021.07.02 |
| context-nexacro.xml (0) | 2021.07.02 |
| context-mapper.xml (0) | 2021.07.02 |
| context-jpa-repository.xml (0) | 2021.07.02 |
댓글