CORS설정변경

Hyowon Yang 2025-10-30 23:10:20 +09:00
commit 2c4f2b0516
4 changed files with 37 additions and 26 deletions


@ -1,43 +1,47 @@
package com.kt.event.analytics.config; package com.kt.event.analytics.config;
import com.kt.event.common.security.JwtAuthenticationFilter;
import com.kt.event.common.security.JwtTokenProvider;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
/** /**
* Spring Security 설정 * Spring Security 설정
* JWT 기반 인증 API 보안 설정 * API 테스트를 위해 일단 모든 요청 허용
*
* CORS 설정은 WebConfig에서 관리합니다.
*/ */
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig { public class SecurityConfig {
private final JwtTokenProvider jwtTokenProvider;
@Bean @Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http http
.csrf(AbstractHttpConfigurer::disable) // CSRF 비활성화 (REST API는 CSRF 불필요)
.cors(AbstractHttpConfigurer::disable) // CORS는 WebConfig에서 관리 .csrf(AbstractHttpConfigurer::disable)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(auth -> auth // 세션 사용 (JWT 기반 인증)
.anyRequest().permitAll() .sessionManagement(session ->
) session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider), )
UsernamePasswordAuthenticationFilter.class)
.build(); // 모든 요청 허용 (테스트용)
.authorizeHttpRequests(auth -> auth
.anyRequest().permitAll()
);
return http.build();
} }
// CORS 설정은 WebConfig에서 관리 (모든 origin 허용) /**
* Chrome DevTools 요청 정적 리소스 요청을 Spring Security에서 제외
*/
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring()
.requestMatchers("/.well-known/**");
}
} }
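Review bot: As far as the split view shows, the new `securityFilterChain` keeps `.anyRequest().permitAll()` while dropping the `JwtAuthenticationFilter` registration, so no request to this service is authenticated and bearer tokens are no longer even parsed; the only guard is a comment saying this is for testing. Nothing in the class ties the permissive chain to a test profile, so either put the test-only configuration behind `@Profile` for a non-production profile, or keep the filter and narrow the open paths with `.requestMatchers(<public paths>).permitAll()` followed by `.anyRequest().authenticated()`. The new `webSecurityCustomizer` uses `web.ignoring()`, which takes `/.well-known/**` out of the filter chain entirely, so those responses get no security headers; Spring Security recommends a `permitAll()` matcher inside `authorizeHttpRequests` instead. The added comment `// 세션 사용 (JWT 기반 인증)` also no longer matches the code, which is stateless and has no JWT filter.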


@ -19,7 +19,7 @@ spec:
- name: kt-event-marketing - name: kt-event-marketing
containers: containers:
- name: event-service - name: event-service
image: acrdigitalgarage01.azurecr.io/kt-event-marketing/event-service:latest image: acrdigitalgarage01.azurecr.io/kt-event-marketing/event-service:dev
imagePullPolicy: Always imagePullPolicy: Always
ports: ports:
- containerPort: 8080 - containerPort: 8080
@ -42,21 +42,21 @@ spec:
memory: "1024Mi" memory: "1024Mi"
startupProbe: startupProbe:
httpGet: httpGet:
path: /api/v1/events/actuator/health path: /api/v1/actuator/health
port: 8080 port: 8080
initialDelaySeconds: 30 initialDelaySeconds: 30
periodSeconds: 10 periodSeconds: 10
failureThreshold: 30 failureThreshold: 30
readinessProbe: readinessProbe:
httpGet: httpGet:
path: /api/v1/events/actuator/health/readiness path: /api/v1/actuator/health/readiness
port: 8080 port: 8080
initialDelaySeconds: 10 initialDelaySeconds: 10
periodSeconds: 5 periodSeconds: 5
failureThreshold: 3 failureThreshold: 3
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /api/v1/events/actuator/health/liveness path: /api/v1/actuator/health/liveness
port: 8080 port: 8080
initialDelaySeconds: 30 initialDelaySeconds: 30
periodSeconds: 10 periodSeconds: 10
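Review bot: The image reference moves from one mutable tag to another (`:dev`) and keeps `imagePullPolicy: Always`, so a pod restart can pull different bits than the ones that were tested, and the manifest does not record what is actually running. Prefer an immutable tag or a digest set by the pipeline, `image: acrdigitalgarage01.azurecr.io/kt-event-marketing/event-service@sha256:<digest>`. The three probe paths now assume the actuator is served under `/api/v1`; that depends on the service's context path, which is not visible in this section, so confirm it before rollout.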


@ -7,6 +7,9 @@ RUN java -Djarmode=layertools -jar app.jar extract
FROM eclipse-temurin:21-jre-alpine FROM eclipse-temurin:21-jre-alpine
WORKDIR /app WORKDIR /app
# Install glibc compatibility for Snappy native library
RUN apk add --no-cache gcompat
# Create non-root user # Create non-root user
RUN addgroup -S spring && adduser -S spring -G spring RUN addgroup -S spring && adduser -S spring -G spring
USER spring:spring USER spring:spring


@ -141,6 +141,10 @@ feign:
distribution-service: distribution-service:
url: ${DISTRIBUTION_SERVICE_URL:http://localhost:8085} url: ${DISTRIBUTION_SERVICE_URL:http://localhost:8085}
# AI Service Client
ai-service:
url: ${AI_SERVICE_URL:http://ai-service/api/v1/ai}
# Application Configuration # Application Configuration
app: app:
kafka: kafka:
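Review bot: The fallback for `ai-service.url` is a cluster-internal hostname over cleartext `http://`, while the sibling `distribution-service` entry falls back to `localhost`. If `AI_SERVICE_URL` is unset outside the cluster the client will fail to resolve `ai-service`, and inside it the calls go unencrypted unless a mesh or network policy covers them, which this file does not show. Consider a localhost default like the neighbouring entry and a short comment, `# Set AI_SERVICE_URL per environment; use https where the AI service is not on a trusted network`.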