JSP Á÷Á¢Á¢±Ù ¸·±â
JSP ¸¦ WEB-INF ÇÏÀ§ µð·ºÅ丮¿¡ ³õ´Â °ÍÀÌ ÃÖ»óÀÌ´Ù.
WEB-INF µð·ºÅ丮´Â Ŭ¶óÀ̾ðÆ®¿¡°Ô´Â Á¢±ÙÀÌ ±ÝÁöµÇ¾î ÀÖÀ¸³ª, ÄÁÅ×À̳ʴ Á¢±ÙÀÌ Çã¿ëµÈ´Ù.
JSP ÆäÀÌÁö¸¦ URI ·Î Á¢±ÙÇÏ¸é ½ÇÇàÇÒ ¼ö ¾øÀ¸³ª, ÄÁÅÍÀ̳ʴ ½ÇÇà °¡´ÉÇÏ´Ù´Â °ÍÀÌ´Ù.
ÇÏÁö¸¸, ÀÌ¹Ì JSP ÆÄÀϵéÀÌ WEB-INF °æ·Î¿¡ ÀÖÁö ¾Ê¾Æ, ¿ÜºÎ¿¡¼ JSP Á÷Á¢Á¢±ÙÀÌ °¡´ÉÇÏ´Ù¸é,
'security-constraint' ·Î Á÷Á¢Á¢±ÙÀ» Á¦ÇÑÇÑ´Ù.
EX ) WEB-INF/web.xml Ãß°¡
web.xml (root)
¼³Á¤ ÆÄÀÏ ÃÖÇÏ´Ü¿¡ ¾Æ·¡¿Í °°ÀÌ Ãß°¡ ÇÑ´Ù.
1 2 3 4 5 6 7 8 9 10 11 | <!-- Security-Constraint(JSP Á¢±ÙÁ¦ÇÑ) --> <security-constraint> <display-name>JSP Pages Protection</display-name> <web-resource-collection> <web-resource-name></web-resource-name> <url-pattern>/search/*</url-pattern> <url-pattern>/smartsearch/*</url-pattern> <http-method>GET</http-method> </web-resource-collection> <auth-constraint/> </security-constraint> | cs |
- url-pattern : ƯÁ¤µð·ºÅ丮¿¡ ÀÎÁõ(Á¦ÇÑ)À» °É ¼ö ÀÖ°Ô °æ·ÎÁöÁ¤
- http-method : ÀÎÁõ(Á¦ÇÑ)ÇÒ ¸Þ¼µå¸¦ ÁöÁ¤
- auth-constraint : ÄÁÅ×À̳ʿ¡°Ô °ü·Ã URL ¿¡ ´ëÇØ ÀÎÁõÀ» ½Ç½ÃÇ϶ó´Â ¸í·É
<auth-constraint> °¡ ¾ø´Ù¸é URL ¿¡ ´ëÇÑ ÀÎÁõ¾øÀÌ Á¢±Ù°¡´É
<auth-constraint/> ¿Í °°Àº Çü½ÄÀ¸·Î µÇ¾î ÀÖ´Ù¸é, ¸ðµç »ç¿ëÀÚ Á¢±ÙºÒ°¡
- ÀÎÁõÀÇ Á¾·ù
1. BASIC
2. DIGEST
3. CLIENT-CERT
4. FORM
http://lucetedaniel.tistory.com/entry/JSP-Securityconstraint-%EB%B3%B4%EC%95%88
À§ ºí·Î±×¿¡ Æ÷½ºÆÃÀÌ µÇ¾î ÀÖ¾ú´Âµ¥ ¾ðÁ¨°¡ ºÎÅÍ »ç¶óÁ® ¹ö·È´Ù...