안녕! 스프링 시큐리티

> curl -u user:d09c0129-c06d-4ebe-9a94-fe48cc494b74 https://security.junnyland.com/hello

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
openssl pkcs12 -export -in certificate.pem -inkey key.pem -out certificate.p12

---
Country Name (2 letter code) [AU]:KR
State or Province Name (full name) [Some-State]:korea
Locality Name (eg, city) []:Seoul
Organization Name (eg, company) [Internet Widgits Pty Ltd]:junnyland
Organizational Unit Name (eg, section) []:junny
Common Name (e.g. server FQDN or YOUR name) []:security
Email Address []:junnyland@test.com

Enter Export Password:
Verifying - Enter Export Password:

# application.yml
server:
  ssl:
    key-store-type: PKCS12
    key-store: classpath:certificate.p12
    key-store-password: 1234

@Bean
fun userDetailsService():UserDetailsService = 
  InMemoryUserDetailsManager()
    .also { it.createUser(User.withUsername("junnyland").password("1234").roles("USER").build()) }

@Bean
fun passwordEncoder():PasswordEncoder = PasswordEncoderFactories
  .createDelegatingPasswordEncoder()

---
curl -u junnyland:1234 http://localhost:8080/hello
Hello World!

    @Bean
    fun securityFilterChain(http: HttpSecurity): SecurityFilterChain = http
        .httpBasic{ }
        .authorizeHttpRequests { it.anyRequest().authenticated() }
        // 모든 요청에 인증 필요
        .build()

    @Bean
    fun securityFilterChain(http: HttpSecurity): SecurityFilterChain = http
        .authenticationManager(authenticationManager(AuthenticationManagerBuilder(objectPostProcessor)))
        .build()

    fun userDetailsService(): UserDetailsService = InMemoryUserDetailsManager()
        .also { it.createUser(User.withUsername("junnyland").password("1234").roles("USER").build()) }
        
    fun authenticationManager(auth: AuthenticationManagerBuilder): AuthenticationManager = auth
            .also {it.userDetailsService<UserDetailsService>(userDetailsService())
                    .passwordEncoder(passwordEncoder()) }
            .build()

    @Component
    class CustomAuthenticationProvider: AuthenticationProvider {
        override fun authenticate(authentication: Authentication): Authentication {
            val username = authentication.name
            val password = authentication.credentials.toString()
            if (username == "junnyland" && password == "1234") {
                return UsernamePasswordAuthenticationToken(username, password, emptyList())
            }
            throw BadCredentialsException("Authentication failed for user $username")
        }
        override fun supports(authentication: Class<*>): Boolean {
            return UsernamePasswordAuthenticationToken::class.java.isAssignableFrom(authentication)
        }
    }

@Configuration
class UserManagementConfig {

    @Bean
    fun userDetailsService(): UserDetailsService = InMemoryUserDetailsManager()
        .also { it.createUser(withUsername("junnyland").password("1234").roles("USER").build()) }
    

    @Bean
    fun passwordEncoder(): PasswordEncoder = createDelegatingPasswordEncoder()

}

    @Bean
    fun securityFilterChain(http: HttpSecurity): SecurityFilterChain = http
        .httpBasic { }
        .authorizeHttpRequests { it.anyRequest().authenticated() }
//        .authenticationProvider(authenticationProvider) 제거해준다
        .build()