CORS설정변경

2025-12-06 06:46:25 +00:00 · 2025-10-30 23:10:20 +09:00 · 2025-10-30 23:10:20 +09:00 · 2c4f2b0516
commit 2c4f2b0516
parent 6280ff8ce1 c66decce42
4 changed files with 37 additions and 26 deletions
--- a/analytics-service/src/main/java/com/kt/event/analytics/config/SecurityConfig.java
+++ b/analytics-service/src/main/java/com/kt/event/analytics/config/SecurityConfig.java
@ -1,43 +1,47 @@
 package com.kt.event.analytics.config;

-import com.kt.event.common.security.JwtAuthenticationFilter;
-import com.kt.event.common.security.JwtTokenProvider;
-import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

 /**
 * Spring Security 설정
- * JWT 기반 인증 및 API 보안 설정
- *
- * ⚠️ CORS 설정은 WebConfig에서 관리합니다.
+ * API 테스트를 위해 일단 모든 요청 허용
 */
@Configuration
@EnableWebSecurity
-@RequiredArgsConstructor
 public class SecurityConfig {

-    private final JwtTokenProvider jwtTokenProvider;
-
    @Bean
-    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        return http
-            .csrf(AbstractHttpConfigurer::disable)
-            .cors(AbstractHttpConfigurer::disable)  // CORS는 WebConfig에서 관리
-            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-            .authorizeHttpRequests(auth -> auth
-                .anyRequest().permitAll()
-            )
-            .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider),
-                UsernamePasswordAuthenticationFilter.class)
-            .build();
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                // CSRF 비활성화 (REST API는 CSRF 불필요)
+                .csrf(AbstractHttpConfigurer::disable)
+
+                // 세션 사용 안 함 (JWT 기반 인증)
+                .sessionManagement(session ->
+                        session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                )
+
+                // 모든 요청 허용 (테스트용)
+                .authorizeHttpRequests(auth -> auth
+                        .anyRequest().permitAll()
+                );
+
+        return http.build();
    }

-    // CORS 설정은 WebConfig에서 관리 (모든 origin 허용)
+    /**
+     * Chrome DevTools 요청 등 정적 리소스 요청을 Spring Security에서 제외
+     */
+    @Bean
+    public WebSecurityCustomizer webSecurityCustomizer() {
+        return (web) -> web.ignoring()
+                .requestMatchers("/.well-known/**");
+    }
 }
--- a/deployment/k8s/event-service/deployment.yaml
+++ b/deployment/k8s/event-service/deployment.yaml
@ -19,7 +19,7 @@ spec:
        - name: kt-event-marketing
      containers:
        - name: event-service
-          image: acrdigitalgarage01.azurecr.io/kt-event-marketing/event-service:latest
+          image: acrdigitalgarage01.azurecr.io/kt-event-marketing/event-service:dev
          imagePullPolicy: Always
          ports:
            - containerPort: 8080
@ -42,21 +42,21 @@ spec:
              memory: "1024Mi"
          startupProbe:
            httpGet:
-              path: /api/v1/events/actuator/health
+              path: /api/v1/actuator/health
              port: 8080
            initialDelaySeconds: 30
            periodSeconds: 10
            failureThreshold: 30
          readinessProbe:
            httpGet:
-              path: /api/v1/events/actuator/health/readiness
+              path: /api/v1/actuator/health/readiness
              port: 8080
            initialDelaySeconds: 10
            periodSeconds: 5
            failureThreshold: 3
          livenessProbe:
            httpGet:
-              path: /api/v1/events/actuator/health/liveness
+              path: /api/v1/actuator/health/liveness
              port: 8080
            initialDelaySeconds: 30
            periodSeconds: 10
--- a/event-service/Dockerfile
+++ b/event-service/Dockerfile
@ -7,6 +7,9 @@ RUN java -Djarmode=layertools -jar app.jar extract
 FROM eclipse-temurin:21-jre-alpine
 WORKDIR /app

+# Install glibc compatibility for Snappy native library
+RUN apk add --no-cache gcompat
+
 # Create non-root user
 RUN addgroup -S spring && adduser -S spring -G spring
 USER spring:spring
--- a/event-service/src/main/resources/application.yml
+++ b/event-service/src/main/resources/application.yml
@ -141,6 +141,10 @@ feign:
  distribution-service:
    url: ${DISTRIBUTION_SERVICE_URL:http://localhost:8085}

+  # AI Service Client
+  ai-service:
+    url: ${AI_SERVICE_URL:http://ai-service/api/v1/ai}
+
 # Application Configuration
 app:
  kafka: