From dc9ba1d219315feacd983fc5c1029057084014b2 Mon Sep 17 00:00:00 2001 From: mjkhan21 Date: Fri, 23 Feb 2024 14:21:45 +0900 Subject: [PATCH] =?UTF-8?q?onSuccess(..)=20->=20onLogin(..),=20sessionDest?= =?UTF-8?q?royed(..)=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../service/AuthenticationService.java | 2 +- .../bean/AuthenticationServiceBean.java | 2 +- .../web/AuthenticationSuccess.java | 2 +- .../authentication/web/LogoutSuccess.java | 45 ++++++------------- 4 files changed, 16 insertions(+), 35 deletions(-) diff --git a/src/main/java/cokr/xit/base/security/authentication/service/AuthenticationService.java b/src/main/java/cokr/xit/base/security/authentication/service/AuthenticationService.java index 30b17e4..5344d35 100644 --- a/src/main/java/cokr/xit/base/security/authentication/service/AuthenticationService.java +++ b/src/main/java/cokr/xit/base/security/authentication/service/AuthenticationService.java @@ -23,7 +23,7 @@ public interface AuthenticationService extends UserDetailsService { /**인증 성공 시 실행되는 핸들러 메소드 * @param authentication 인증 정보 */ - void onSuccess(Authentication authentication); + void onLogin(Authentication authentication); /**인증 실패 시 실행되는 핸들러 메소드 * @param params 인증 시 사용한 파라미터 diff --git a/src/main/java/cokr/xit/base/security/authentication/service/bean/AuthenticationServiceBean.java b/src/main/java/cokr/xit/base/security/authentication/service/bean/AuthenticationServiceBean.java index 7938224..4484a62 100644 --- a/src/main/java/cokr/xit/base/security/authentication/service/bean/AuthenticationServiceBean.java +++ b/src/main/java/cokr/xit/base/security/authentication/service/bean/AuthenticationServiceBean.java 
@@ -177,7 +177,7 @@ public class AuthenticationServiceBean extends DaoAuthenticationProvider impleme } @Override - public void onSuccess(Authentication authentication) { + public void onLogin(Authentication authentication) { log().debug("{} authenticated.", authentication.getPrincipal()); authenticationBean.onSuccess(authentication); } diff --git a/src/main/java/cokr/xit/base/security/authentication/web/AuthenticationSuccess.java b/src/main/java/cokr/xit/base/security/authentication/web/AuthenticationSuccess.java index 6701d7b..8e9d069 100644 --- a/src/main/java/cokr/xit/base/security/authentication/web/AuthenticationSuccess.java +++ b/src/main/java/cokr/xit/base/security/authentication/web/AuthenticationSuccess.java @@ -72,7 +72,7 @@ public class AuthenticationSuccess extends SavedRequestAwareAuthenticationSucces user.setInfo("loggedInAt", new Date()); remember(user, hreq, hresp); } - authenticationService.onSuccess(authentication); + authenticationService.onLogin(authentication); return new DataObject().set("authenticated", true); } diff --git a/src/main/java/cokr/xit/base/security/authentication/web/LogoutSuccess.java b/src/main/java/cokr/xit/base/security/authentication/web/LogoutSuccess.java index 9705b96..c66c0a7 100644 --- a/src/main/java/cokr/xit/base/security/authentication/web/LogoutSuccess.java +++ b/src/main/java/cokr/xit/base/security/authentication/web/LogoutSuccess.java @@ -72,11 +72,6 @@ public class LogoutSuccess extends SimpleUrlLogoutSuccessHandler implements Appl @Override public void onLogoutSuccess(HttpServletRequest hreq, HttpServletResponse hresp, Authentication authentication) throws IOException, ServletException { - authenticationService.onLogout(authentication); - HttpSession session = hreq.getSession(false); - if (session != null) - session.invalidate(); - new Kookie() .set(hreq) .set(hresp) 
@@ -88,32 +83,6 @@ public class LogoutSuccess extends SimpleUrlLogoutSuccessHandler implements Appl hresp.sendRedirect(getSuccessUrl(hreq.getContextPath())); } - /* 쿠키에 저장된 값들을 삭제한다. - * @param hreq 서블릿 요청 - * @param hresp 서블릿 응답 - protected void removeCookies(HttpServletRequest hreq, HttpServletResponse hresp) { - Cookie[] cookies = hreq.getCookies(); - if (cookies == null || cookies.length < 1) return; - - for (Cookie cookie: cookies) { - removeCookie(hresp, cookie, "JSESSIONID", "userAccount"); - } - }*/ - - /* 지정하는 이름의 쿠키값을 삭제한다. - * @param hresp 서블릿 응답 - * @param cookie 쿠키 - * @param cookieNames 쿠키값의 이름 - protected void removeCookie(HttpServletResponse hresp, Cookie cookie, String... cookieNames) { - for (String name: cookieNames) { - if (!name.equals(cookie.getName())) continue; - - cookie.setMaxAge(0); - cookie.setValue(""); - hresp.addCookie(cookie); - } - }*/ - @Override public void setApplicationContext(ApplicationContext actx) throws BeansException { if (!(actx instanceof WebApplicationContext)) return; @@ -128,11 +97,23 @@ public class LogoutSuccess extends SimpleUrlLogoutSuccessHandler implements Appl @Override public void sessionDestroyed(HttpSessionEvent evt) { HttpSession session = evt.getSession(); + if (isHandled(session)) return; + SecurityContext sctx = (SecurityContext)session.getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY); if (sctx == null) return; Authentication authentication = sctx.getAuthentication(); - log().debug("Session expired for {}", authentication.getPrincipal()); authenticationService.onLogout(authentication); + log().debug("Session expired for {}", authentication.getPrincipal()); + } + + private boolean isHandled(HttpSession session) { + Boolean handled = (Boolean)session.getAttribute("evtHandled"); + if (Boolean.TRUE.equals(handled)) { + session.removeAttribute("evtHandled"); + return true; + } + session.setAttribute("evtHandled", true); + return false; } } \ No newline at end of file
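Review bot: In `sessionDestroyed`, the result of `sctx.getAuthentication()` is used without a null check, and with the reordered lines a null value now reaches `authenticationService.onLogout(authentication)` before the debug line throws on `authentication.getPrincipal()`; add `if (authentication == null) return;` directly after the lookup. The new `isHandled` guard is a toggle rather than a latch: it reads and then sets or removes `"evtHandled"` without synchronization, so it suppresses a repeat only when the event arrives exactly twice and sequentially (presumably the case it was written for). Leaving the flag set instead of calling `removeAttribute`, and holding the key in a `private static final String` constant, would be sturdier. The first `LogoutSuccess` hunk removes both `onLogout` and `session.invalidate()` from `onLogoutSuccess`, so this listener is the only path to `onLogout` visible in the patch, and logout cleanup now depends on something else invalidating the session. A comment such as `// relies on the logout handler invalidating the HttpSession` above `sessionDestroyed` would record that assumption, and the "Session expired for {}" message now also covers explicit logouts.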