Back-End/Spring Security11 Authentication Components (3) Authentication The Authentication serves two main purposes within Spring Security: 스프링시큐리티 인증은 두 가지 목적을 가지고 있다. 1. An input to AuthenticationManager to provide the credentials a user has provided to authenticate. When used in this scenario, isAuthenticated() returns false. AuthenticationManager에게 credentials 을 주기 위함. 2. Represents the currently authenticated user. The current Authentication can be obtained fro.. 2021. 3. 17. Authentication Components (2) SecurityContextHolder, SecurityContext SecurityContextHolder The SecurityContextHolder is where Spring Security stores the details of who is authenticated. Spring Security does not care how the SecurityContextHolder is populated. If it contains a value, then it is used as the currently authenticated user. The simplest way to indicate a user is authenticated is to set the SecurityContextHolder directly. SecurityContextHolder는 스프링시큐리티가.. 2021. 3. 17. Authentication Components (1) 종류 Architecture Components 에는 다음과 같이 9종류가 있다. SecurityContextHolder The SecurityContextHolder is where Spring Security stores the details of who is authenticated. SecurityContextHolder는 스프링 시큐리티가 디테일을 저장하는 곳이다. SecurityContext is obtained from the SecurityContextHolder and contains the Authentication of the currently authenticated user. SecurityContext는 SecurityContextHolder에 담겨지는 것으로서 현재 인증된 사용자의 .. 2021. 3. 17. Spring Security Authentication (5) DaoAuthenticationProvider 이번 포스팅은 DDaoAuthenticationProvider의 작동원리가 되겠다. 1. The authentication Filter from Reading the Username & Password passes a UsernamePasswordAuthenticationToken to the AuthenticationManager which is implemented by ProviderManager. Username과 Password를 인증하는 필터는 UsernamePasswordAuthenticationToken 을 생성하여 AuthenticationManager 로전달한다. 2.The ProviderManager is configured to use an AuthenticationProvider .. 2021. 3. 16. Spring Security Authentication (4) PasswordEncoder Spring Security’s servlet support storing passwords securely by integrating with PasswordEncoder. 스프링 시큐리티의 서블릿은 PasswordEncoder와 통합하여 안전한 비밀번호 저장을 지원한다. Customizing the PasswordEncoder implementation used by Spring Security can be done by exposing a PasswordEncoder Bean. PasswordEncoder Bean을 설정하여 PasswordEncoder의 설정이 가능하다. 2021. 3. 16. Spring Security Authentication (3) UserDetails #UserDetails UserDetails is returned by the UserDetailsService. The DaoAuthenticationProvider validates the UserDetails and then returns an Authentication that has a principal that is the UserDetails returned by the configured UserDetailsService. UserDetails는 UserDetailService에 의해 반환된다. DaoAuthenticationProvider 가 UserDetails를 유효화하고 인증한다. Authentication은 UserDetails의 핵심이며 UserDetailsService에 의해 .. 2021. 3. 16. 이전 1 2 다음
