<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:egov-security="http://www.egovframe.go.kr/schema/egov-security" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd http://www.egovframe.go.kr/schema/egov-security http://www.egovframe.go.kr/schema/egov-security/egov-security-3.7.xsd"> <security:http pattern="/css/**" security="none"/> <security:http pattern="/html/**" security="none"/> <security:http pattern="/images/**" security="none"/> <security:http pattern="/js/**" security="none"/> <security:http pattern="/resource/**" security="none"/> <security:http pattern="\A/WEB-INF/jsp/.*\Z" request-matcher="regex" security="none"/> <egov-security:config id="securityConfig" loginUrl="/uat/uia/actionMain.do" logoutSuccessUrl="/uat/uia/actionMain.do" loginFailureUrl="/uat/uia/actionSecurityLogin.do?login_error=1" accessDeniedUrl="/sec/ram/accessDenied.do" dataSource="egov.dataSource" jdbcUsersByUsernameQuery="SELECT USER_ID, ESNTL_ID AS PASSWORD, 1 ENABLED, USER_NM, USER_ZIP, USER_ADRES, USER_EMAIL, USER_SE, '-' ORGNZT_ID, ESNTL_ID, MBTLNUM AS MOBLPHONNO, '-' ORGNZT_NM, AUTHOR_CODE AS AUTHORITY, DEPT FROM COMVNUSERMASTER A INNER JOIN LETTNEMPLYRSCRTYESTBS B ON A.ESNTL_ID = B.SCRTY_DTRMN_TRGET_ID WHERE CONCAT(USER_SE, USER_ID) = ?" jdbcAuthoritiesByUsernameQuery="SELECT A.SCRTY_DTRMN_TRGET_ID USER_ID, A.AUTHOR_CODE AUTHORITY FROM LETTNEMPLYRSCRTYESTBS A, COMVNUSERMASTER B WHERE A.SCRTY_DTRMN_TRGET_ID = B.ESNTL_ID AND B.USER_ID = ?" jdbcMapClass="itn.let.uat.uia.service.impl.EgovSessionMapping" requestMatcherType="regex" hash="plaintext" hashBase64="false" concurrentMaxSessons="999" concurrentExpiredUrl="/" defaultTargetUrl="/uat/uia/actionMain.do" /> <!--원 소스 --> <!-- defaultTargetUrl="/uat/uia/actionMain.do" --> <!-- sqlHierarchicalRoles=" SELECT a.CHLDRN_ROLE child, a.PARNTS_ROLE parent FROM LETTNROLES_HIERARCHY a LEFT JOIN LETTNROLES_HIERARCHY b on (a.CHLDRN_ROLE = b.PARNTS_ROLE)" --> <egov-security:secured-object-config id="securedObjectConfig" roleHierarchyString=" ROLE_ADMIN > ROLE_USER_MEMBER ROLE_USER_MEMBER > ROLE_ANONYMOUS" sqlRolesAndUrl=" SELECT a.ROLE_PTTRN url, b.AUTHOR_CODE authority FROM LETTNROLEINFO a, LETTNAUTHORROLERELATE b WHERE a.ROLE_CODE = b.ROLE_CODE AND a.ROLE_TY = 'url' ORDER BY a.ROLE_SORT" sqlRolesAndMethod=" SELECT a.ROLE_PTTRN method, b.AUTHOR_CODE authority FROM LETTNROLEINFO a, LETTNAUTHORROLERELATE b WHERE a.ROLE_CODE = b.ROLE_CODE AND a.ROLE_TY = 'method' ORDER BY a.ROLE_SORT" sqlRolesAndPointcut=" SELECT a.ROLE_PTTRN pointcut, b.AUTHOR_CODE authority FROM LETTNROLEINFO a, LETTNAUTHORROLERELATE b WHERE a.ROLE_CODE = b.ROLE_CODE AND a.ROLE_TY = 'pointcut' ORDER BY a.ROLE_SORT" sqlRegexMatchedRequestMapping=" SELECT a.resource_pattern uri, b.authority authority FROM LETTNROLEINFO a, LETTNAUTHORROLERELATE b WHERE a.ROLE_CODE = b.ROLE_CODE AND a.ROLE_TY = 'regex' ORDER BY a.ROLE_SORT" /> <egov-security:initializer id="initializer" supportMethod="true" supportPointcut="false" /> <!-- URL에 세미콜론(semicolon)허용 여부(기본값/false) --> <bean id="egovStrictHttpFirewall" class="org.springframework.security.web.firewall.StrictHttpFirewall"> <property name="allowSemicolon" value="true"/> </bean> <security:http-firewall ref="egovStrictHttpFirewall"/> </beans>