0
로컬로 작동하는 간단한 봄 프로젝트가 있습니다. URL은 스프링 보안에 의해 차단되지만 Google App Engine 서버에 업로드하면 보안이 작동하지 않고 인증 된 방법이 대신 실행됩니다.서버 (Google Appengine)에서 스프링 보안이 작동하지 않습니다.
public class SpringSecutiryInitializer extends AbstractSecurityWebApplicationInitializer {
// Do nothing. This initializes the security chain.
}
public class SpringMvcInitializer
extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] { AppConfig.class, SecurityConfig.class };
}
@Override
protected Class<?>[] getServletConfigClasses() {
return null;
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
Environment env;
@Autowired
DataSource dataSource;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth)
throws Exception {
String databaseName = env.getProperty("jdbc.databaseName");
auth.jdbcAuthentication()
.dataSource(dataSource)
.usersByUsernameQuery(
"select username,password,enabled from user where username=?")
.authoritiesByUsernameQuery(
"SELECT user.username, role.role FROM (" + databaseName
+ ".user_role as role JOIN " + databaseName
+ ".user as user ON"
+ " role.auth_id = user.auth_id) where user.username=?");
}
}
@Configuration
@EnableWebMvc
@EnableTransactionManagement
@ComponentScan({ "com.djw" })
public class AppConfig {
// configure different beans
}
에서 appengine-web.xml을
<?xml version="1.0" encoding="utf-8"?>
<appengine-web-app xmlns="http://appengine.google.com/ns/1.0">
<!-- Fill in the app name and version -->
<application>project-name-removed</application>
<version>1</version>
<threadsafe>true</threadsafe>
<!-- Configure serving/caching of GWT files -->
<static-files>
<include path="**" />
<!-- The following line requires App Engine 1.3.2 SDK -->
<include path="**.nocache.*" expiration="0s" />
<include path="**.cache.*" expiration="365d" />
<exclude path="**.gwt.rpc" />
</static-files>
<use-google-connector-j>true</use-google-connector-j>
<sessions-enabled>true</sessions-enabled>
<system-properties>
<property name="java.util.logging.config.file" value="WEB-INF/appengine_logging.properties"/>
<property name="spring.profiles.active" value="prod"/>
</system-properties>
</appengine-web-app>
web.xml에 다음으로
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>Archetype Created Web Application</display-name>
<!-- Declare a Spring MVC DispatcherServlet as usual -->
<servlet>
<servlet-name>web</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<!-- Configure DispatcherServlet to use AnnotationConfigWebApplicationContext
instead of the default XmlWebApplicationContext -->
<init-param>
<param-name>contextClass</param-name>
<param-value>
org.springframework.web.context.support.AnnotationConfigWebApplicationContext
</param-value>
</init-param>
<!-- Again, config locations must consist of one or more comma- or space-delimited
and fully-qualified @Configuration classes -->
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>com.djw.config.AppConfig</param-value>
</init-param>
</servlet>
<!-- map all requests for/to the dispatcher servlet -->
<servlet-mapping>
<servlet-name>web</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
, 내가 열려고 모든 URL은 사용자 이름과 암호를 스프링에 의해 차단된다. 하지만 내 서버에서는 요청이 통과하게됩니다. 왜 이런 일이 일어 났을까요?