[2023-06-20][crlee]

- 불필요 인증체크 코드 삭제
3 years ago · b290b3f2f0
parent 76565f26e1
commit b290b3f2f0
10 changed files with 76 additions and 295 deletions
--- a/src/main/java/egovframework/com/cmm/annotation/EgovSecurity.java
+++ b/src/main/java/egovframework/com/cmm/annotation/EgovSecurity.java
@ -1,25 +0,0 @@
-package egovframework.com.cmm.annotation;
-
-import org.springframework.security.access.prepost.PreAuthorize;
-
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-/**
- * fileName       : EgovSecurity
- * author         : crlee
- * date           : 2023/06/20
- * description    :
- * ===========================================================
- * DATE              AUTHOR             NOTE
- * -----------------------------------------------------------
- * 2023/06/20        crlee       최초 생성
- */
-@Retention(RetentionPolicy.RUNTIME)
-@Target({
-        ElementType.METHOD
-})
-public @interface EgovSecurity {
-}
--- a/src/main/java/egovframework/com/cmm/web/EgovFileMngApiController.java
+++ b/src/main/java/egovframework/com/cmm/web/EgovFileMngApiController.java
@ -15,7 +15,6 @@ import egovframework.com.cmm.ResponseCode;
 import egovframework.com.cmm.service.EgovFileMngService;
 import egovframework.com.cmm.service.FileVO;
 import egovframework.com.cmm.service.ResultVO;
-import egovframework.com.jwt.JwtVerification;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
@ -44,11 +43,7 @@ public class EgovFileMngApiController {

    @Resource(name = "EgovFileMngService")
    private EgovFileMngService fileService;
-    
-    /** JwtVerification */
-	@Autowired
-	private JwtVerification jwtVerification;
-	
+
 	/** 암호화서비스 */
    @Resource(name="egovARIACryptoService")
    EgovCryptoService cryptoService;
@ -82,15 +77,11 @@ public class EgovFileMngApiController {

 		//Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated();

-		if (jwtVerification.isVerification(request)) {
-		    fileService.deleteFileInf(fileVO);
-		    
-		    resultVO.setResultCode(200);
-			resultVO.setResultMessage("삭제 성공");
-		} else {
-			resultVO.setResultCode(ResponseCode.AUTH_ERROR.getCode());
-			resultVO.setResultMessage(ResponseCode.AUTH_ERROR.getMessage());
-		}
+		fileService.deleteFileInf(fileVO);
+
+		resultVO.setResultCode(200);
+		resultVO.setResultMessage("삭제 성공");
+

 		//--------------------------------------------
 		// contextRoot가 있는 경우 제외 시켜야 함
--- a/src/main/java/egovframework/com/jwt/JwtVerification.java
+++ b/src/main/java/egovframework/com/jwt/JwtVerification.java
@ -1,57 +0,0 @@
-package egovframework.com.jwt;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import egovframework.let.utl.fcc.service.EgovStringUtil;
-import io.jsonwebtoken.ExpiredJwtException;
-import io.jsonwebtoken.MalformedJwtException;
-import io.jsonwebtoken.SignatureException;
-import io.jsonwebtoken.UnsupportedJwtException;
-import lombok.extern.slf4j.Slf4j;
-
-@Slf4j
-@Component
-public class JwtVerification {
-	
-	@Autowired
-	private EgovJwtTokenUtil jwtTokenUtil;
-	
-	public boolean isVerification(HttpServletRequest request) {
-		
-		boolean verificationFlag = true;
-		
-		// step 1. request header에서 토큰을 가져온다.
-		String jwtToken = EgovStringUtil.isNullToString(request.getHeader("authorization"));
-		
-		
-		// step 2. 토큰에 내용이 있는지 확인해서 username값을 가져옴
-		// Exception 핸들링 추가처리 (토큰 유효성, 토큰 변조 여부, 토큰 만료여부)
-		// 내부적으로 parse하는 과정에서 해당 여부들이 검증됨
-		String username = null;
-		
-		try {
-		    username = jwtTokenUtil.getUsernameFromToken(jwtToken);
-		} catch (IllegalArgumentException | ExpiredJwtException | MalformedJwtException | UnsupportedJwtException | SignatureException e) {
-		    log.debug("Unable to verify JWT Token: " + e.getMessage());
-		    verificationFlag = false;
-		    return verificationFlag;
-		}
-		
-		log.debug("===>>> username = " + username);
-		
-		// step 3. 가져온 username 유무 체크
-		if (username == null) {
-			log.debug("jwtToken not validate");
-			verificationFlag =  false;
-			return verificationFlag;
-		}
-		
-		log.debug("jwtToken validated");
-		
-		return verificationFlag;
-	}
-
-}
--- a/src/main/java/egovframework/com/security/SecurityConfig.java
+++ b/src/main/java/egovframework/com/security/SecurityConfig.java
@ -1,6 +1,5 @@
 package egovframework.com.security;

-import egovframework.com.cmm.annotation.EgovSecurity;
 import egovframework.com.jwt.JwtAuthenticationEntryPoint;
 import egovframework.com.jwt.JwtAuthenticationFilter;
 import org.springframework.context.annotation.Bean;
@ -15,10 +14,7 @@ import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

-import java.lang.reflect.Method;
-import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.List;

 /**
 * fileName       : SecurityConfig
--- a/src/main/java/egovframework/let/cop/bbs/web/EgovBBSAttributeManageApiController.java
+++ b/src/main/java/egovframework/let/cop/bbs/web/EgovBBSAttributeManageApiController.java
@ -26,7 +26,6 @@ import egovframework.com.cmm.ResponseCode;
 import egovframework.com.cmm.service.EgovCmmUseService;
 import egovframework.com.cmm.service.ResultVO;
 import egovframework.com.cmm.util.EgovUserDetailsHelper;
-import egovframework.com.jwt.JwtVerification;
 import egovframework.let.cop.bbs.service.BoardMasterVO;
 import egovframework.let.cop.bbs.service.EgovBBSAttributeManageService;
 import io.swagger.v3.oas.annotations.Operation;
@ -55,10 +54,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
@RestController
@Tag(name="EgovBBSAttributeManageApiController",description = "게시판 속성관리")
 public class EgovBBSAttributeManageApiController {
-	
-	/** JwtVerification */
-	@Autowired
-	private JwtVerification jwtVerification;
+

 	/** EgovBBSAttributeManageService */
 	@Resource(name = "EgovBBSAttributeManageService")
@ -104,11 +100,6 @@ public class EgovBBSAttributeManageApiController {

 		ResultVO resultVO = new ResultVO();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}
-
 		boardMasterVO.setPageUnit(propertyService.getInt("Globals.pageUnit"));
 		boardMasterVO.setPageSize(propertyService.getInt("Globals.pageSize"));

@ -160,11 +151,6 @@ public class EgovBBSAttributeManageApiController {
 		ResultVO resultVO = new ResultVO();
 		Map<String, Object> resultMap = new HashMap<String, Object>();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}
-
 		BoardMasterVO vo = bbsAttrbService.selectBBSMasterInf(searchVO);
 		resultMap.put("boardMasterVO", vo);

@ -203,11 +189,6 @@ public class EgovBBSAttributeManageApiController {
 		ResultVO resultVO = new ResultVO();
 		Map<String, Object> resultMap = new HashMap<String, Object>();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}
-
 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();
 		Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated();

@ -279,11 +260,6 @@ public class EgovBBSAttributeManageApiController {
 		ResultVO resultVO = new ResultVO();
 		Map<String, Object> resultMap = new HashMap<String, Object>();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}
-
 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();
 		Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated();

@ -337,11 +313,6 @@ public class EgovBBSAttributeManageApiController {
 		@RequestBody BoardMasterVO boardMasterVO) throws Exception {
 		ResultVO resultVO = new ResultVO();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}
-
 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();
 		Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated();

@ -356,11 +327,7 @@ public class EgovBBSAttributeManageApiController {
 		return resultVO;
 	}

-	private ResultVO handleAuthError(ResultVO resultVO) {
-		resultVO.setResultCode(ResponseCode.AUTH_ERROR.getCode());
-		resultVO.setResultMessage(ResponseCode.AUTH_ERROR.getMessage());
-		return resultVO;
-	}
+	

 	/**
 	 * 운영자 권한을 확인한다.(로그인 여부를 확인한다.)
--- a/src/main/java/egovframework/let/cop/bbs/web/EgovBBSManageApiController.java
+++ b/src/main/java/egovframework/let/cop/bbs/web/EgovBBSManageApiController.java
@ -32,7 +32,6 @@ import egovframework.com.cmm.service.FileVO;
 import egovframework.com.cmm.service.ResultVO;
 import egovframework.com.cmm.util.EgovUserDetailsHelper;
 import egovframework.com.cmm.web.EgovFileDownloadController;
-import egovframework.com.jwt.JwtVerification;
 import egovframework.let.cop.bbs.service.BoardMasterVO;
 import egovframework.let.cop.bbs.service.BoardVO;
 import egovframework.let.cop.bbs.service.EgovBBSAttributeManageService;
@ -65,10 +64,6 @@ import io.swagger.v3.oas.annotations.tags.Tag;
@Tag(name="EgovBBSManageApiController",description = "게시물 관리")
 public class EgovBBSManageApiController {
 	
-	/** JwtVerification */
-	@Autowired
-	private JwtVerification jwtVerification;
-
 	@Resource(name = "EgovBBSManageService")
 	private EgovBBSManageService bbsMngService;

@ -322,33 +317,28 @@ public class EgovBBSManageApiController {

 			return resultVO;
 		}
-		
-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		} else if (jwtVerification.isVerification(request)) {
-			final Map<String, MultipartFile> files = multiRequest.getFileMap();
-			if (!files.isEmpty()) {
-				if ("".equals(atchFileId)) {
-					List<FileVO> result = fileUtil.parseFileInf(files, "BBS_", 0, atchFileId, "");
-					atchFileId = fileMngService.insertFileInfs(result);
-					boardVO.setAtchFileId(atchFileId);
-				} else {
-					FileVO fvo = new FileVO();
-					fvo.setAtchFileId(atchFileId);
-					int cnt = fileMngService.getMaxFileSN(fvo);
-					List<FileVO> _result = fileUtil.parseFileInf(files, "BBS_", cnt, atchFileId, "");
-					fileMngService.updateFileInfs(_result);
-				}
+	
+		final Map<String, MultipartFile> files = multiRequest.getFileMap();
+		if (!files.isEmpty()) {
+			if ("".equals(atchFileId)) {
+				List<FileVO> result = fileUtil.parseFileInf(files, "BBS_", 0, atchFileId, "");
+				atchFileId = fileMngService.insertFileInfs(result);
+				boardVO.setAtchFileId(atchFileId);
+			} else {
+				FileVO fvo = new FileVO();
+				fvo.setAtchFileId(atchFileId);
+				int cnt = fileMngService.getMaxFileSN(fvo);
+				List<FileVO> _result = fileUtil.parseFileInf(files, "BBS_", cnt, atchFileId, "");
+				fileMngService.updateFileInfs(_result);
 			}
+		}

-			boardVO.setLastUpdusrId(user.getUniqId());
-			boardVO.setNtcrNm(""); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨) 
-			boardVO.setPassword(EgovFileScrty.encryptPassword("", user.getUniqId())); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
-			boardVO.setNttCn(unscript(boardVO.getNttCn())); // XSS 방지
+		boardVO.setLastUpdusrId(user.getUniqId());
+		boardVO.setNtcrNm(""); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨) 
+		boardVO.setPassword(EgovFileScrty.encryptPassword("", user.getUniqId())); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
+		boardVO.setNttCn(unscript(boardVO.getNttCn())); // XSS 방지

-			bbsMngService.updateBoardArticle(boardVO);
-		}
+		bbsMngService.updateBoardArticle(boardVO);

 		resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
 		resultVO.setResultMessage(ResponseCode.SUCCESS.getMessage());
@ -394,29 +384,25 @@ public class EgovBBSManageApiController {

 			return resultVO;
 		}
-		
-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		} else if (jwtVerification.isVerification(request)) {
-			List<FileVO> result = null;
-			String atchFileId = "";
-
-			final Map<String, MultipartFile> files = multiRequest.getFileMap();
-			if (!files.isEmpty()) {
-				result = fileUtil.parseFileInf(files, "BBS_", 0, "", "");
-				atchFileId = fileMngService.insertFileInfs(result);
-			}
-			boardVO.setAtchFileId(atchFileId);
-			boardVO.setFrstRegisterId(user.getUniqId());
-			boardVO.setBbsId(boardVO.getBbsId());
-
-			boardVO.setNtcrNm(""); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
-			boardVO.setPassword(EgovFileScrty.encryptPassword("", user.getUniqId())); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
-			// board.setNttCn(unscript(board.getNttCn())); // XSS 방지
+	
+		List<FileVO> result = null;
+		String atchFileId = "";

-			bbsMngService.insertBoardArticle(boardVO);
+		final Map<String, MultipartFile> files = multiRequest.getFileMap();
+		if (!files.isEmpty()) {
+			result = fileUtil.parseFileInf(files, "BBS_", 0, "", "");
+			atchFileId = fileMngService.insertFileInfs(result);
 		}
+		boardVO.setAtchFileId(atchFileId);
+		boardVO.setFrstRegisterId(user.getUniqId());
+		boardVO.setBbsId(boardVO.getBbsId());
+
+		boardVO.setNtcrNm(""); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
+		boardVO.setPassword(EgovFileScrty.encryptPassword("", user.getUniqId())); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
+		// board.setNttCn(unscript(board.getNttCn())); // XSS 방지
+
+		bbsMngService.insertBoardArticle(boardVO);
+	

 		resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
 		resultVO.setResultMessage(ResponseCode.SUCCESS.getMessage());
@ -462,33 +448,29 @@ public class EgovBBSManageApiController {
 			return resultVO;
 		}
 		
-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		} else if (jwtVerification.isVerification(request)) {
-			final Map<String, MultipartFile> files = multiRequest.getFileMap();
-			String atchFileId = "";
-
-			if (!files.isEmpty()) {
-				List<FileVO> result = fileUtil.parseFileInf(files, "BBS_", 0, "", "");
-				atchFileId = fileMngService.insertFileInfs(result);
-			}
+		final Map<String, MultipartFile> files = multiRequest.getFileMap();
+		String atchFileId = "";

-			boardVO.setAtchFileId(atchFileId);
-			boardVO.setReplyAt("Y");
-			boardVO.setFrstRegisterId(user.getUniqId());
-			boardVO.setBbsId(boardVO.getBbsId());
-			boardVO.setParnts(Long.toString(boardVO.getNttId()));
-			boardVO.setSortOrdr(boardVO.getSortOrdr());
-			boardVO.setReplyLc(Integer.toString(Integer.parseInt(boardVO.getReplyLc()) + 1));
+		if (!files.isEmpty()) {
+			List<FileVO> result = fileUtil.parseFileInf(files, "BBS_", 0, "", "");
+			atchFileId = fileMngService.insertFileInfs(result);
+		}

-			boardVO.setNtcrNm(""); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
-			boardVO.setPassword(EgovFileScrty.encryptPassword("", user.getUniqId())); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
+		boardVO.setAtchFileId(atchFileId);
+		boardVO.setReplyAt("Y");
+		boardVO.setFrstRegisterId(user.getUniqId());
+		boardVO.setBbsId(boardVO.getBbsId());
+		boardVO.setParnts(Long.toString(boardVO.getNttId()));
+		boardVO.setSortOrdr(boardVO.getSortOrdr());
+		boardVO.setReplyLc(Integer.toString(Integer.parseInt(boardVO.getReplyLc()) + 1));

-			boardVO.setNttCn(unscript(boardVO.getNttCn())); // XSS 방지
+		boardVO.setNtcrNm(""); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)
+		boardVO.setPassword(EgovFileScrty.encryptPassword("", user.getUniqId())); // dummy 오류 수정 (익명이 아닌 경우 validator 처리를 위해 dummy로 지정됨)

-			bbsMngService.insertBoardArticle(boardVO);
-		}
+		boardVO.setNttCn(unscript(boardVO.getNttCn())); // XSS 방지
+
+		bbsMngService.insertBoardArticle(boardVO);
+	

 		//return "forward:/cop/bbs/selectBoardList.do";
 		resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
@ -522,10 +504,6 @@ public class EgovBBSManageApiController {
 		throws Exception {
 		ResultVO resultVO = new ResultVO();
 		
-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}

 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();
 		
@ -571,10 +549,6 @@ public class EgovBBSManageApiController {
 		return ret;
 	}
 	
-	private ResultVO handleAuthError(ResultVO resultVO) {
-		resultVO.setResultCode(ResponseCode.AUTH_ERROR.getCode());
-		resultVO.setResultMessage(ResponseCode.AUTH_ERROR.getMessage());
-		return resultVO;
-	}
+	

 }
--- a/src/main/java/egovframework/let/cop/com/web/EgovBBSUseInfoManageApiController.java
+++ b/src/main/java/egovframework/let/cop/com/web/EgovBBSUseInfoManageApiController.java
@ -23,7 +23,6 @@ import egovframework.com.cmm.LoginVO;
 import egovframework.com.cmm.ResponseCode;
 import egovframework.com.cmm.service.ResultVO;
 import egovframework.com.cmm.util.EgovUserDetailsHelper;
-import egovframework.com.jwt.JwtVerification;
 import egovframework.let.cop.bbs.service.BoardMasterVO;
 import egovframework.let.cop.bbs.service.EgovBBSAttributeManageService;
 import egovframework.let.cop.com.service.BoardUseInfVO;
@ -54,9 +53,6 @@ import io.swagger.v3.oas.annotations.tags.Tag;
@Tag(name="EgovBBSUseInfoManageApiController",description = "게시판 이용정보 관리")
 public class EgovBBSUseInfoManageApiController {
 	
-	/** JwtVerification */
-	@Autowired
-	private JwtVerification jwtVerification;

 	/** EgovBBSUseInfoManageService */
 	@Resource(name = "EgovBBSUseInfoManageService")
@ -102,10 +98,6 @@ public class EgovBBSUseInfoManageApiController {
 		ResultVO resultVO = new ResultVO();
 		Map<String, Object> resultMap = new HashMap<String, Object>();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}

 		bdUseVO.setPageUnit(propertyService.getInt("Globals.pageUnit"));
 		bdUseVO.setPageSize(propertyService.getInt("Globals.pageSize"));
@ -191,10 +183,6 @@ public class EgovBBSUseInfoManageApiController {

 		BoardUseInfVO vo = bbsUseService.selectBBSUseInf(bdUseVO);// bbsItrgetId

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}

 		// 시스템 사용 게시판의 경우 URL 표시
 		if ("SYSTEM_DEFAULT_BOARD".equals(vo.getTrgetId())) {
@ -244,10 +232,6 @@ public class EgovBBSUseInfoManageApiController {

 		ResultVO resultVO = new ResultVO();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}

 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();
 		Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated();
@ -307,10 +291,6 @@ public class EgovBBSUseInfoManageApiController {

 		ResultVO resultVO = new ResultVO();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}

 		Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated();

@ -325,11 +305,7 @@ public class EgovBBSUseInfoManageApiController {
 		return resultVO;
 	}

-	private ResultVO handleAuthError(ResultVO resultVO) {
-		resultVO.setResultCode(ResponseCode.AUTH_ERROR.getCode());
-		resultVO.setResultMessage(ResponseCode.AUTH_ERROR.getMessage());
-		return resultVO;
-	}
+	

 	/**
 	 * 운영자 권한을 확인한다.(로그인 여부를 확인한다.)
--- a/src/main/java/egovframework/let/cop/smt/sim/web/EgovIndvdlSchdulManageApiController.java
+++ b/src/main/java/egovframework/let/cop/smt/sim/web/EgovIndvdlSchdulManageApiController.java
@ -38,7 +38,6 @@ import egovframework.com.cmm.service.FileVO;
 import egovframework.com.cmm.service.ResultVO;
 import egovframework.com.cmm.util.EgovUserDetailsHelper;
 import egovframework.com.cmm.web.EgovFileDownloadController;
-import egovframework.com.jwt.JwtVerification;
 import egovframework.let.cop.smt.sim.service.EgovIndvdlSchdulManageService;
 import egovframework.let.cop.smt.sim.service.IndvdlSchdulManageVO;
 import io.swagger.v3.oas.annotations.Operation;
@ -67,10 +66,6 @@ public class EgovIndvdlSchdulManageApiController {

 	@Autowired
 	private DefaultBeanValidator beanValidator;
-	
-	/** JwtVerification */
-	@Autowired
-	private JwtVerification jwtVerification;

 	/** EgovMessageSource */
 	@Resource(name = "egovMessageSource")
@ -120,11 +115,6 @@ public class EgovIndvdlSchdulManageApiController {
 		ResultVO resultVO = new ResultVO();
 		Map<String, Object> resultMap = new HashMap<String, Object>();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		 if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}
-		
 		//일정구분 검색 유지
 		resultMap.put("searchKeyword",
 			commandMap.get("searchKeyword") == null ? "" : (String)commandMap.get("searchKeyword"));
@ -202,10 +192,6 @@ public class EgovIndvdlSchdulManageApiController {

 		ResultVO resultVO = new ResultVO();

-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}

 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();

@ -354,15 +340,12 @@ public class EgovIndvdlSchdulManageApiController {
 		IndvdlSchdulManageVO indvdlSchdulManageVO = new IndvdlSchdulManageVO();
 		indvdlSchdulManageVO.setSchdulId(schdulId);
 		
-		// 기존 세션 체크 인증에서 토큰 방식으로 변경
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		} else {
-			egovIndvdlSchdulManageService.deleteIndvdlSchdulManage(indvdlSchdulManageVO);//schdulId

-			resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
-			resultVO.setResultMessage(ResponseCode.SUCCESS.getMessage());
-		}
+		egovIndvdlSchdulManageService.deleteIndvdlSchdulManage(indvdlSchdulManageVO);//schdulId
+
+		resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
+		resultVO.setResultMessage(ResponseCode.SUCCESS.getMessage());
+

 		return resultVO;
 	}
@ -395,9 +378,6 @@ public class EgovIndvdlSchdulManageApiController {
 		ResultVO resultVO = new ResultVO();
 		Map<String, Object> resultMap = new HashMap<String, Object>();

-		if (!EgovUserDetailsHelper.isAuthenticated()) {
-			return handleAuthError(resultVO); // server-side 권한 확인
-		}

 		//로그인 객체 선언
 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();
@ -702,10 +682,6 @@ public class EgovIndvdlSchdulManageApiController {
 		}
 	}

-	private ResultVO handleAuthError(ResultVO resultVO) {
-		resultVO.setResultCode(ResponseCode.AUTH_ERROR.getCode());
-		resultVO.setResultMessage(ResponseCode.AUTH_ERROR.getMessage());
-		return resultVO;
-	}
+	

 }
--- a/src/main/java/egovframework/let/uat/esm/web/EgovSiteManagerApiController.java
+++ b/src/main/java/egovframework/let/uat/esm/web/EgovSiteManagerApiController.java
@ -15,7 +15,6 @@ import egovframework.com.cmm.LoginVO;
 import egovframework.com.cmm.ResponseCode;
 import egovframework.com.cmm.service.ResultVO;
 import egovframework.com.cmm.util.EgovUserDetailsHelper;
-import egovframework.com.jwt.JwtVerification;
 import egovframework.let.uat.esm.service.EgovSiteManagerService;
 import egovframework.let.utl.sim.service.EgovFileScrty;
 import io.swagger.v3.oas.annotations.Operation;
@ -49,14 +48,7 @@ public class EgovSiteManagerApiController {
 	@Resource(name = "siteManagerService")
 	private EgovSiteManagerService siteManagerService;
 	
-	/** JwtVerification */
-	@Autowired
-	private JwtVerification jwtVerification;
-	private ResultVO handleAuthError(ResultVO resultVO) {
-		resultVO.setResultCode(ResponseCode.AUTH_ERROR.getCode());
-		resultVO.setResultMessage(ResponseCode.AUTH_ERROR.getMessage());
-		return resultVO;
-	}
+	
 	/**
 	 * 리액트에서 사이트관리자에 접근하는 토큰값 위변조 방지용으로 서버에서 비교한다.
 	 * @param map데이터: String old_password, new_password
@ -76,13 +68,9 @@ public class EgovSiteManagerApiController {
 	@PostMapping(value = "/uat/esm/jwtAuthAPI.do")
 	public ResultVO jwtAuthentication(HttpServletRequest request) throws Exception {
 		ResultVO resultVO = new ResultVO();
-		// Headers에서 Authorization 속성값에 발급한 토큰값이 정상인지 확인
-		if (!jwtVerification.isVerification(request)) {
-			resultVO = handleAuthError(resultVO); // 토큰 확인
-		}else{
-			resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
-			resultVO.setResultMessage(ResponseCode.SUCCESS.getMessage());
-		}
+
+		resultVO.setResultCode(ResponseCode.SUCCESS.getCode());
+		resultVO.setResultMessage(ResponseCode.SUCCESS.getMessage());
 		return resultVO;
 	}
 	/**
@ -105,10 +93,7 @@ public class EgovSiteManagerApiController {
 	@PostMapping(value = "/uat/esm/updateAdminPasswordAPI.do")
 	public ResultVO updateAdminPassword(@RequestBody Map<String,String> param, HttpServletRequest request) throws Exception {
 		ResultVO resultVO = new ResultVO();
-		// Headers에서 Authorization 속성값에 발급한 토큰값이 정상인지 확인
-		if (!jwtVerification.isVerification(request)) {
-			return handleAuthError(resultVO); // 토큰 확인
-		}
+
 		LoginVO user = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser();
 		String old_password = param.get("old_password");
 		String new_password = param.get("new_password");
--- a/src/main/java/egovframework/let/uat/uia/web/EgovLoginApiController.java
+++ b/src/main/java/egovframework/let/uat/uia/web/EgovLoginApiController.java
@ -5,7 +5,6 @@ import java.util.HashMap;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;

-import egovframework.com.cmm.annotation.EgovSecurity;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
@ -90,7 +89,6 @@ public class EgovLoginApiController {
 			@ApiResponse(responseCode = "300", description = "로그인 실패")
 	})
 	@PostMapping(value = "/uat/uia/actionLoginAPI.do", consumes = {MediaType.APPLICATION_JSON_VALUE , MediaType.TEXT_HTML_VALUE})
-	@EgovSecurity
 	public HashMap<String, Object> actionLogin(@RequestBody LoginVO loginVO, HttpServletRequest request) throws Exception {
 		HashMap<String,Object> resultMap = new HashMap<String,Object>();