feat: HTTP, HTTPS protocol 동시 적용

swagger 설정 변경 cors 설정 변경
1 year ago · c565668c5f
parent 7fe72c76ac
commit c565668c5f
14 changed files with 169 additions and 104 deletions
--- a/mens-api/src/main/resources/config/application-dev.yml
+++ b/mens-api/src/main/resources/config/application-dev.yml
@ -38,10 +38,6 @@ logging:
    path: ${app.data.root.path}/mens/logs
    name: ${app.name}
 # Spring Security cors 설정 :: CorsConfiguration 설정 값
 cors:
  allowed-origins: http://localhost:8080, http://${app.api-ip}:8080, http://localhost:8082, http://${app.api-ip}:8082
 # ==================================================================================================================
 # SQL logging lib setting
 # ==================================================================================================================
@ -52,8 +48,12 @@ decorator:
 app:
  api-ip: 211.119.124.9
-  # swagger url
+  # 강제로 swagger-url을 지정해야 하는 경우만 선언
-  url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
+  #swagger-url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
  # Spring Security cors 설정 :: CorsConfiguration 설정 값
  cors:
    allowed-origins: http://localhost:8080, http://${app.api-ip}:8080, http://localhost:8082, http://${app.api-ip}:8082
  data:
    root:
      path: /data
--- a/mens-api/src/main/resources/config/application-local.yml
+++ b/mens-api/src/main/resources/config/application-local.yml
@ -41,10 +41,6 @@ logging:
    path: ${app.data.root.path}/mens/logs
    name: ${app.name}
 # Spring Security cors 설정 :: CorsConfiguration 설정 값
 cors:
  allowed-origins: http://localhost:8080, http://${app.api-ip}:8080, http://localhost:8082, http://${app.api-ip}:8082
 # ==================================================================================================================
 # SQL logging lib setting
 # ==================================================================================================================
@ -55,18 +51,16 @@ decorator:
 app:
  api-ip: 211.119.124.73
-  license:
+  # 강제로 swagger-url을 지정해야 하는 경우만 선언
-    path: ${app.data.root.path}/mens/.pem/
+  #swagger-url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
-    key: 'mxLAM1fAEDPWkFz8'
+  # Spring Security cors 설정 :: CorsConfiguration 설정 값
-    data1: 'jz5LT6TlZtewv1GRVN3cI6CgoPgS89Sfh7qSKkCVjjMPOyBKkT386tlnMnjXluTSr8OIvI1pHd96fHxRZHNUBuLeQOkUeWuzkfxlP8C7nDyIrG36T2aontjroAxoNk3oYdIYRVWNs1Iqw39v9xF8NYFFLGqtfv/wnCGxlwTsDwCf9bjAtyd9cTiS27dVrIbrAVKnchgxIF/DUQQc901l4DZ5gsT6aLx6TmzhvAewPK1HfiG9WrMWxpw0TMxt++0Vedh+oZEs48ACMpuHFFh406LynyxxE7boRVbKmh7Tn87gKa6+zzdzIN1kS8sk58Ms1HPvBfvwwnD8qiJItXO6DQ=='
+  cors:
-    data2: 'Te3bfmvdiMZdpfRwC3OO9UjwbNkvbf16kqEqn9VqwbVztizA9rvMFshlI0vuqai9Hml31IsNINKg+OYkhmkH6ic1I10r6MNIVl3WL5YxfeK7YBmjvNuGZtKwchlWzhMODsgNAq0aIQVi4kLk5filDaZESY10xlNdbf9c/SKGfJeLZxY7DCchkAgj/ZnmZNqOE2kDAoC+O1ksDNTS0+cr+WsKsoFON0EpNI5B2ElBtnT1LmQQ3R+FNCtp7YJaRZA3RPsata05kKH7sL1J0M6A6HIVxisOU3bjH0hB+60BHJfdlEiXo6RJvsPyXotwe8MYVrHJbIQgsepxSDpMFZe8HA=='
+    allowed-origins: http://localhost:8080, http://${app.api-ip}:8080, http://localhost:8082, http://${app.api-ip}:8082
-    data3: 't9qYJTU49dbaeezJkzpM2uY3iLIcy/V/VnyVsWIcd0f4QMLJ3cmLZ0QcMyKoR7CL2CuHMnPJz8j7KFOTQRPpeN/Dl4bCpOu+BM3foYpn4wb5HcLdHJxp5CuFmhTfqRGuUxurv6jcqkwmRzPW35UjQLjeKSdv6m+2b84PN4sZSNeMjQDH0QC85yKphHKV8m6bzqUbHLiZwDXndgpq2/YGKdWjPinlH7PZ+L2xfrfhdWXoY9QrHYVOSPogd81EizzyQseif8GAkeUG1OKAOomhyEuTOxtdGbUew59YuuBlUpORgj/Koclyd2shHyne9CJdqnQqAA2mh61V1ZzBUvSIWQ=='
+
  # swagger url
  url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
  data:
    root:
      #path: /Users/minuk/data
-      path: c:/data
+      path: d:/data
  #---------------------------------------------------------------
  # log 설정
@ -123,3 +117,4 @@ contract:
      refuse-rcv: http://${app.api-ip}:8081/api/ens/kt/v1/receive/refuse
      # 수신동의상태전송 : BC-AG-SN-015
      approve-rcv: http://${app.api-ip}:8081/api/ens/kt/v1/receive/approve
--- a/mens-api/src/main/resources/config/application-prod.yml
+++ b/mens-api/src/main/resources/config/application-prod.yml
@ -39,10 +39,6 @@ logging:
    path: ${app.data.root.path}/mens/logs
    name: ${app.name}
 # Spring Security cors 설정 :: CorsConfiguration 설정 값
 cors:
  allowed-origins: http://localhost, http://${app.api-ip}, http://localhost:8082, http://${app.api-ip}:8082, https://ens.sisul.or.kr
 # ==================================================================================================================
 # SQL logging lib setting
 # ==================================================================================================================
@ -53,8 +49,12 @@ decorator:
 app:
  api-ip: 103.145.215.46
-  # swagger url
+  # 강제로 swagger-url을 지정해야 하는 경우만 선언
-  url: 'http://103.145.215.46:${server.port}${server.servlet.context-path:}/'
+  #swagger-url: 'http://103.145.215.46:${server.port}${server.servlet.context-path:}/'
  # Spring Security cors 설정 :: CorsConfiguration 설정 값
  cors:
    allowed-origins: http://localhost, http://${app.api-ip}, http://localhost:8082, http://${app.api-ip}:8082, https://ens.sisul.or.kr
  data:
    root:
      path: /data
--- a/mens-api/src/main/resources/config/application.yml
+++ b/mens-api/src/main/resources/config/application.yml
@ -35,6 +35,7 @@ spring:
    # core의 application-common.yml과 application-auth.yml include
    include:
      - https
      - common
      - auth
      - app
--- a/mens-batch/src/main/resources/config/application-dev.yml
+++ b/mens-batch/src/main/resources/config/application-dev.yml
@ -49,10 +49,6 @@ logging:
    path: ${app.data.root.path}/mens/logs
    name: ${app.name}
 # Spring Security cors 설정 :: CorsConfiguration 설정 값
 cors:
  allowed-origins: http://211.119.124.9:8080
 # ==================================================================================================================
 # SQL logging lib setting
 # ==================================================================================================================
@ -63,15 +59,11 @@ decorator:
 app:
  api-ip: 211.119.124.9
-  license:
+  # 강제로 swagger-url을 지정해야 하는 경우만 선언
-    path: ${app.data.root.path}/mens/.pem/
+  #swagger-url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
-    key: 'mxLAM1fAEDPWkFz8'
+  # Spring Security cors 설정 :: CorsConfiguration 설정 값
-    data1: 'WEcpGVH9g01hS8L0ke6sL9g8Hmsy4yngfEwH5L/ax62IzmdjIU6mE6GoGnC3iuRN1ENCYlVz2b8BYtAKDltMYZWx+qBjY+KscgfFoMDLIVHMGAUSDF+PyE6KV2DsKoAhc2ZdNnqbFJDgDP/qyFSRjwD1dvzeXTuCcz4mnQxOovXqiMkXwnBKhUBzq9dFeLlsk1e/YoR9SZTrpt0x0T8IeyzqI568FFqNAznmbJ+1kpi9yRaJ5c8MXXEIrfPJVONrLfeVezg1Z9jDj56zPL6gqrKhKtHJwkxpESx+5ik8O01GDcmytsLAeoIz0BiZVLJXUc/T6mZBVP6FfZnDC0dWfA=='
+  cors:
-    data2: 'YBF68uN720dTzblufB/AkZTxZnDIt6G29UkjIkJL9TDH2UkTB9FPNgtk4TqSTCFr1C4SsSU9Z/XQ957+c6K1JZe20JzDlhRWr6Zty0lCORI6erdpRq0zUsKANeJoB2hgqgeLcDxuOUN2S19MacD2VA4H0+7zKATiT8P7OEWXrAU9M2YmbEMMxHQsc6SZIa3EoGrJdNZrgeVXxL2+aJN28gmMm3CgoxLEEtuSZXK3LEZLlLEZvZtDxuxqx7Os4CtNwvHsDyFcIot6Ghbr+G3EsT+jghvvei0Cg4Qgm4n11yj0hsWR8CwmV7FTTqo03s0zBDRhYhgML81KkE/AtZSVvA=='
+    allowed-origins: http://211.119.124.9:8080
    data3: 'IWPfGH1nDoOsevS4eyw4fItEqNymamycYa+rN+3v/iQxwy5mohdYNgm/+HcOGua2FJ6VxgGC/9i5b0jKB5L2p8bSBrEQBmluh+DsEMzeUxP8mfD2hTIUfeA9osmXW0al6BfcoJKZyiUGzxoSDY1MMdbAB9FQSBWY9yniGBaEXt3CgJmloXsVoRRolalmO6oqRJq4t1kV0fRijGGMQ5/0nu0Z5fuhCukGmEAsIW0abRXARDzoXYfAZKbKW0L70X8htpFAkk9t2IukeZemHGBBinDBWsh0ZlysHJfcXlFnFh83hXrsYcpUAn34PSd3TfLPeymdoduTF8wX7sOVMuPUVg=='
  # swagger url
  url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
  data:
    root:
      path: /data
--- a/mens-batch/src/main/resources/config/application-local.yml
+++ b/mens-batch/src/main/resources/config/application-local.yml
@ -49,10 +49,6 @@ logging:
    path: ${app.data.root.path}/mens/logs
    name: ${app.name}
 # Spring Security cors 설정 :: CorsConfiguration 설정 값
 cors:
  allowed-origins: http://localhost:8080
 # ==================================================================================================================
 # SQL logging lib setting
 # ==================================================================================================================
@ -63,14 +59,11 @@ decorator:
 app:
  api-ip: 211.119.124.73
-  license:
+  # 강제로 swagger-url을 지정해야 하는 경우만 선언
-    path: ${app.data.root.path}/mens/.pem/
+  #swagger-url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
-    key: 'mxLAM1fAEDPWkFz8'
+  # Spring Security cors 설정 :: CorsConfiguration 설정 값
-    data1: 'jz5LT6TlZtewv1GRVN3cI6CgoPgS89Sfh7qSKkCVjjMPOyBKkT386tlnMnjXluTSr8OIvI1pHd96fHxRZHNUBuLeQOkUeWuzkfxlP8C7nDyIrG36T2aontjroAxoNk3oYdIYRVWNs1Iqw39v9xF8NYFFLGqtfv/wnCGxlwTsDwCf9bjAtyd9cTiS27dVrIbrAVKnchgxIF/DUQQc901l4DZ5gsT6aLx6TmzhvAewPK1HfiG9WrMWxpw0TMxt++0Vedh+oZEs48ACMpuHFFh406LynyxxE7boRVbKmh7Tn87gKa6+zzdzIN1kS8sk58Ms1HPvBfvwwnD8qiJItXO6DQ=='
+  cors:
-    data2: 'Te3bfmvdiMZdpfRwC3OO9UjwbNkvbf16kqEqn9VqwbVztizA9rvMFshlI0vuqai9Hml31IsNINKg+OYkhmkH6ic1I10r6MNIVl3WL5YxfeK7YBmjvNuGZtKwchlWzhMODsgNAq0aIQVi4kLk5filDaZESY10xlNdbf9c/SKGfJeLZxY7DCchkAgj/ZnmZNqOE2kDAoC+O1ksDNTS0+cr+WsKsoFON0EpNI5B2ElBtnT1LmQQ3R+FNCtp7YJaRZA3RPsata05kKH7sL1J0M6A6HIVxisOU3bjH0hB+60BHJfdlEiXo6RJvsPyXotwe8MYVrHJbIQgsepxSDpMFZe8HA=='
+    allowed-origins: http://localhost:8080
    data3: 't9qYJTU49dbaeezJkzpM2uY3iLIcy/V/VnyVsWIcd0f4QMLJ3cmLZ0QcMyKoR7CL2CuHMnPJz8j7KFOTQRPpeN/Dl4bCpOu+BM3foYpn4wb5HcLdHJxp5CuFmhTfqRGuUxurv6jcqkwmRzPW35UjQLjeKSdv6m+2b84PN4sZSNeMjQDH0QC85yKphHKV8m6bzqUbHLiZwDXndgpq2/YGKdWjPinlH7PZ+L2xfrfhdWXoY9QrHYVOSPogd81EizzyQseif8GAkeUG1OKAOomhyEuTOxtdGbUew59YuuBlUpORgj/Koclyd2shHyne9CJdqnQqAA2mh61V1ZzBUvSIWQ=='
  # swagger url
  url: 'http://localhost:${server.port}${server.servlet.context-path:}/'
  data:
    root:
      #path: /Users/minuk/data
--- a/mens-batch/src/main/resources/config/application-prod.yml
+++ b/mens-batch/src/main/resources/config/application-prod.yml
@ -38,10 +38,6 @@ logging:
    path: ${app.data.root.path}/mens/logs
    name: ${app.name}
 # Spring Security cors 설정 :: CorsConfiguration 설정 값
 cors:
  allowed-origins: http://localhost, https://ens.sisul.or.kr, http://103.145.215.46
 # ==================================================================================================================
 # SQL logging lib setting
 # ==================================================================================================================
@ -52,8 +48,11 @@ decorator:
 app:
  api-ip: 103.145.215.46
-  # swagger url
+  # 강제로 swagger-url을 지정해야 하는 경우만 선언
-  url: 'http://103.145.215.46:${server.port}${server.servlet.context-path:}/'
+  #swagger-url: 'http://103.145.215.46:${server.port}${server.servlet.context-path:}/'
  # Spring Security cors 설정 :: CorsConfiguration 설정 값
  cors:
    allowed-origins: http://localhost, https://ens.sisul.or.kr, http://103.145.215.46
  data:
    root:
      path: /data
--- a/mens-batch/src/main/resources/static/fmcExcelUpload.html
+++ b/mens-batch/src/main/resources/static/fmcExcelUpload.html
@ -13,14 +13,6 @@
        <option value="88328">공영주차장</option>
        <option value="88316">장사시설</option>
      </select><br/>
     <!-- <label for="sndngSeCode">발송구분</label>
      <select id="sndngSeCode">
        <option value="KKO-MY-DOC">카카오</option>
        <option value="KT-BC">공인알림문자</option>
        <option value="E-GREEN">e-그린</option>
      </select><br/>
      <label>전송일</label>
      <input type="date" id="sndngDt" required/><br/>-->
      <input type="file"
             accept="application/vnd.ms-excel,
                     application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"
@ -33,25 +25,16 @@
  <script>
    function handleSubmit() {
      const form = document.querySelector("form");
 //     let sndngDt = document.querySelector("#sndngDt").value.replaceAll("-", "")
      let file = document.querySelector("#files").files[0];
      /*if(!sndngDt){
        alert('전송일을 선택하세요');
        return false;
      }*/
      /*if(!file){
        alert('업로드할 파일을 선택하세요');
        return false;
      }*/
      const fd = new FormData();
      fd.append('signguCode', document.querySelector("#signguCode").value);
    //  fd.append('sndngSeCode', document.querySelector("#sndngSeCode").value);
      fd.append('register', 'admin');
      fd.append('files', document.querySelector("#files").files[0]);
      $.ajax({
-        url: 'http://103.145.215.46:8081/api/biz/sisul/v1/fmcExcelUpload',
+        //url: 'http://103.145.215.46:8081/api/biz/sisul/v1/fmcExcelUpload',
        url: 'https://211.119.124.73:8443/api/biz/sisul/v1/fmcExcelUpload',
        data: fd,
        cache: false,
        contentType: false,
--- a/mens-core/src/main/java/kr/xit/core/spring/config/SpringDocsConfig.java
+++ b/mens-core/src/main/java/kr/xit/core/spring/config/SpringDocsConfig.java
@ -1,26 +1,26 @@
 package kr.xit.core.spring.config;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.info.Contact;
 import io.swagger.v3.oas.models.info.Info;
 import io.swagger.v3.oas.models.servers.Server;
 import io.swagger.v3.oas.models.security.SecurityRequirement;
 import io.swagger.v3.oas.models.security.SecurityScheme;
 import io.swagger.v3.oas.models.servers.Server;
 import java.util.Collections;
 import java.util.List;
 import kr.xit.core.support.utils.Checks;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 /**
 * <pre>
 * description : Springdoc(swagger) 설정
 *               설정내용이 상이한 경우 동일한 파일로 재정의 하거나 상속받아 사용
 *               - swagger url을 강제하고 싶으면
 *                 -> app.swagger-url 에 설정
 * packageName : kr.xit.core.spring.config
 * fileName    : SpringDocsConfig
 * author      : julim
@ -35,11 +35,16 @@ import io.swagger.v3.oas.models.security.SecurityScheme;
@ConditionalOnProperty(value = "springdoc.swagger-ui.enabled", havingValue = "true", matchIfMissing = false)
@Configuration
 public class SpringDocsConfig {
    @Value("${server.port}")
    private int SSL_PORT;
    @Value("${server.http:0}")
    private int HTTP_PORT;
    @Value("${app.swagger-url:}")
    private String swaggerUrl;
    @Bean
    public OpenAPI openAPI(
        @Value("${springdoc.version:v1}") String version,
        @Value("${app.url}") String url,
        @Value("${app.desc}") String desc,
        @Value("${app.name}") String name,
        @Value("${spring.profiles.active}") String active) {
@ -53,6 +58,7 @@ public class SpringDocsConfig {
                .email("admin@xit.co.kr"));
                //.url("http://www.xerotech.co.kr/"));
        String url = Checks.isNotEmpty(swaggerUrl)? swaggerUrl : String.format("http://localhost:%d", HTTP_PORT != 0? HTTP_PORT: SSL_PORT);
        List<Server> servers = Collections.singletonList(new Server().url(url).description(name + "(" + active + ")"));
        // Security 스키마 설정
--- a/mens-core/src/main/java/kr/xit/core/spring/config/properties/CorsProperties.java
+++ b/mens-core/src/main/java/kr/xit/core/spring/config/properties/CorsProperties.java
@ -8,7 +8,7 @@ import lombok.Setter;
 /**
 * <pre>
 * description : CORS Properties
- *               - properties : cors 항목에 정의
+ *               - properties : app.cors 항목에 정의
 * packageName : kr.xit.core.spring.config.properties
 * fileName    : CorsProperties
 * author      : julim
@ -22,7 +22,7 @@ import lombok.Setter;
 */
@Getter
@Setter
-@ConfigurationProperties(prefix = "cors")
+@ConfigurationProperties(prefix = "app.cors")
 public class CorsProperties {
    /**
     * 헤더에 작성된 출처만 브라우저가 리소스를 접근할 수 있도록 허용함.
--- a/mens-core/src/main/java/kr/xit/core/spring/config/support/HttpsConnectorConfig.java
+++ b/mens-core/src/main/java/kr/xit/core/spring/config/support/HttpsConnectorConfig.java
@ -0,0 +1,75 @@
 package kr.xit.core.spring.config.support;
 import org.apache.catalina.Context;
 import org.apache.catalina.connector.Connector;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 /**
 * <pre>
 * description : Http, Https(SSL) 적용 - 내장 톰캣 SSL use
 *               server.ssl.redirect : false인 경우 HTTP와 SSL 동시 사용
 *               application-https.ymlㅡㄷ 선언 사용
 *               - server.ssl.enabled: true인 경우 활성화(적용)
 *               - server.port : SSL port
 *               - server.http : http port
 *               - server.ssl.redirect : true|false
 * packageName : kr.xit.core.spring.config.support
 * fileName    : HttpsConnectorConfig
 * author      : julim
 * date        : 2023-11-08
 * ======================================================================
 * 변경일         변경자        변경 내용
 * ----------------------------------------------------------------------
 * 2023-11-08    julim       최초 생성
 *
 * </pre>
 */
@ConditionalOnProperty(value = "server.ssl.enabled", havingValue = "true", matchIfMissing = false)
@Configuration
 public class HttpsConnectorConfig {
    @Value("${server.port}")
 	private int SSL_PORT;
 	@Value("${server.http}")
 	private int HTTP_PORT;
 	@Value("${server.ssl.redirect}")
 	private boolean SSL_REDIRECT;
    @Bean
    public ServletWebServerFactory servletContainer() {
 		TomcatServletWebServerFactory tomcat = null;
 		if(SSL_REDIRECT){
 			tomcat = new TomcatServletWebServerFactory() {
 				@Override
 				protected void postProcessContext(Context context) {
 					SecurityConstraint securityConstraint = new SecurityConstraint();
 					securityConstraint.setUserConstraint("CONFIDENTIAL");
 					SecurityCollection collection = new SecurityCollection();
 					collection.addPattern("*");
 					securityConstraint.addCollection(collection);
 					context.addConstraint(securityConstraint);
 				}
 			};
 		}else{
 			tomcat = new TomcatServletWebServerFactory();
 		}
 		tomcat.addAdditionalTomcatConnectors(createSslConnector());
 		return tomcat;
    }
    private Connector createSslConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setSecure(false);
        connector.setPort(HTTP_PORT);
        if(SSL_REDIRECT)	connector.setRedirectPort(SSL_PORT);
        return connector;
    }
 }
--- a/mens-core/src/main/resources/config/application-common.yml
+++ b/mens-core/src/main/resources/config/application-common.yml
@ -123,19 +123,23 @@ logging:
 #        include-parameter-values: true
 # Spring Security cors 설정 :: CorsConfiguration 설정 값
-cors:
+app:
-  # 헤더에 작성된 출처만 브라우저가 리소스를 접근할 수 있도록 허용함.
+  #강제로 swagger-url을 지정해야 하는 경우만 선언
-  # * 이면 모든 곳에 공개
+  #swagger-url:
-  #allowed-origins: http://localhost:8080,http:127.0.0.1:8080
+  cors:
-  # 리소스 접근을 허용하는 HTTP 메서드를 지정
+    # 헤더에 작성된 출처만 브라우저가 리소스를 접근할 수 있도록 허용함.
-  allowed-methods: GET, POST, PUT, DELETE
+    # * 이면 모든 곳에 공개
-  # 요청을 허용하는 해더
+    #allowed-origins: http://localhost:8080,http:127.0.0.1:8080
-  allowed-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Csrftoken, Authorization, Content-Security-Policy
+    # 리소스 접근을 허용하는 HTTP 메서드를 지정
-  # 클라이언트에서 preflight 의 요청 결과를 저장할 기간을 지정
+    allowed-methods: GET, POST, PUT, DELETE
-  # 60초 동안 preflight 요청을 캐시하는 설정으로, 첫 요청 이후 60초 동안은 OPTIONS 메소드를 사용하는 예비 요청을 보내지 않는다.
+    # 요청을 허용하는 해더
-  max-Age: 60
+    allowed-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Csrftoken, Authorization
-  # 클라이언트 요청이 쿠키를 통해서 자격 증명을 해야 하는 경우에 true.
+    #allowed-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Csrftoken, Authorization, Content-Security-Policy
-  # 자바스크립트 요청에서 credentials가 include일 때 요청에 대한 응답을 할 수 있는지를 나타낸다.
+    # 클라이언트에서 preflight 의 요청 결과를 저장할 기간을 지정
-  allow-Credentials: true
+    # 60초 동안 preflight 요청을 캐시하는 설정으로, 첫 요청 이후 60초 동안은 OPTIONS 메소드를 사용하는 예비 요청을 보내지 않는다.
-  # 기본적으로 브라우저에게 노출이 되지 않지만, 브라우저 측에서 접근할 수 있게 허용해주는 헤더를 지정
+    max-Age: 60
-  expose-Headers: Content-Length
+    # 클라이언트 요청이 쿠키를 통해서 자격 증명을 해야 하는 경우에 true.
    # 자바스크립트 요청에서 credentials가 include일 때 요청에 대한 응답을 할 수 있는지를 나타낸다.
    allow-Credentials: true
    # 기본적으로 브라우저에게 노출이 되지 않지만, 브라우저 측에서 접근할 수 있게 허용해주는 헤더를 지정
    expose-Headers: Content-Length
--- a/mens-core/src/main/resources/config/application-https.yml
+++ b/mens-core/src/main/resources/config/application-https.yml
@ -0,0 +1,17 @@
 #-----------------------------------------------------------------------
 # application Https SSL 설정
 # port가 다른 경우 프로파일 별로 server.port와 server.http 선언
 #-----------------------------------------------------------------------
 server:
  port: 8443
  ssl:
    enabled: true
    key-alias: tomcat
    key-store-provider: SUN
    key-store-type: PKCS12
    key-store-password: xit5811807
    key-store: classpath:tomcat.p12
    redirect: false
  http: 8081
  http2:
    enabled: true
--- a/mens-core/src/main/resources/tomcat.p12
+++ b/mens-core/src/main/resources/tomcat.p12