|
5 | 5 | import org.springframework.context.annotation.Configuration; |
6 | 6 | import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; |
7 | 7 | import org.springframework.security.config.web.server.ServerHttpSecurity; |
8 | | -import org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec; |
9 | | -import org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec; |
10 | 8 | import org.springframework.security.web.server.SecurityWebFilterChain; |
11 | 9 | import org.springframework.web.cors.reactive.CorsConfigurationSource; |
12 | 10 |
|
13 | 11 | @Configuration |
14 | 12 | @EnableWebFluxSecurity |
15 | 13 | public class SecurityConfig { |
16 | 14 |
|
17 | | - @Bean |
18 | | - public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, CorsConfigurationSource corsSource) { |
19 | | - return http |
20 | | - .csrf(csrf -> csrf.disable()) |
21 | | - .cors(cors -> cors.configurationSource(corsSource)) // ✅ 최신 방식 |
22 | | - .formLogin(ServerHttpSecurity.FormLoginSpec::disable) // 로그인폼 끄기 |
23 | | - .httpBasic(ServerHttpSecurity.HttpBasicSpec::disable) // 기본 인증도 끄기 |
24 | | - .authorizeExchange(ex -> ex |
25 | | - .pathMatchers("/**","/auth/**" ,"/webjars","/swagger-ui/**", "/v3/api-docs/**").permitAll() |
26 | | - .anyExchange().authenticated() |
27 | | - ) |
28 | | - .build(); |
29 | | - } |
| 15 | + @Bean |
| 16 | + public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, CorsConfigurationSource corsSource) { |
| 17 | + return http |
| 18 | + .csrf(csrf -> csrf.disable()) |
| 19 | + .cors(cors -> cors.configurationSource(corsSource)) |
| 20 | + .formLogin(ServerHttpSecurity.FormLoginSpec::disable) |
| 21 | + .httpBasic(ServerHttpSecurity.HttpBasicSpec::disable) |
| 22 | + .authorizeExchange(ex -> ex |
| 23 | + .anyExchange().permitAll() |
| 24 | + ) |
| 25 | + .build(); |
| 26 | + } |
30 | 27 | } |
31 | 28 |
|
0 commit comments