Spring Security 구조에 대해서 - Printing the Security Filters
이전글:
2023.12.09 - [웹/Spring] - Spring Security 구조에 대해서 -Security Filters
Spring Security 구조에 대해서 -Security Filters
2023.12.09 - [웹/Spring] - Spring Security 구조에 대해서 - SecurityFilterChain Spring Security 구조에 대해서 - SecurityFilterChain 2023.12.09 - [웹/Spring] - Spring Security 구조에 대해서 - FilterChainProxy Spring Security 구조에 대
kwaksh2319.tistory.com
이전 글엔 spring filters에 대해서 작성해봤는데요.
백엔드는 프론트엔드와 달리 무언가를 확인하는게 쉽지않습니다.
그래서 filter에 대한 log를 확인하기 위한 기능이 필요하기 때문에 원서에더 그부분에 대해서 설명하고 있습니다.
아래 로그는 특정 요청에 의한 securoty filter 요청시 아래와 같이 보여집니다. 이벤트로그도 잇어서 관련해선 추후 설명하겠습니다.
2023-06-14T08:55:22.321-03:00 INFO 76975 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Will secure any request with [
org.springframework.security.web.session.DisableEncodeUrlFilter@404db674,
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@50f097b5,
org.springframework.security.web.context.SecurityContextHolderFilter@6fc6deb7,
org.springframework.security.web.header.HeaderWriterFilter@6f76c2cc,
org.springframework.security.web.csrf.CsrfFilter@c29fe36,
org.springframework.security.web.authentication.logout.LogoutFilter@ef60710,
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@7c2dfa2,
org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@4397a639,
org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@7add838c,
org.springframework.security.web.authentication.www.BasicAuthenticationFilter@5cc9d3d0,
org.springframework.security.web.savedrequest.RequestCacheAwareFilter@7da39774,
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@32b0876c,
org.springframework.security.web.authentication.AnonymousAuthenticationFilter@3662bdff,
org.springframework.security.web.access.ExceptionTranslationFilter@77681ce4,
org.springframework.security.web.access.intercept.AuthorizationFilter@169268a7]
https://docs.spring.io/spring-security/reference/servlet/architecture.html#servlet-print-filters
Architecture :: Spring Security
The Security Filters are inserted into the FilterChainProxy with the SecurityFilterChain API. Those filters can be used for a number of different purposes, like authentication, authorization, exploit protection, and more. The filters are executed in a spec
docs.spring.io