{ xtype: 'form', title: 'Login', frame: true, bodyPadding: 5, width: 250, // 전송할 url 정보 설정 url: '/login', // defaultType 설정 defaultType: 'textfield', items: [ { fieldLabel: 'ID', name: 'username', allowBlank: false, labelWidth: 40, emptyText: 'User ID', }, { fieldLabel: 'PW', name: 'password', allowBlank: false, labelWidth: 40, emptyText: 'Password', inputType: 'password..

1. 'csrf' 정보를 같이 전송하지 않으면, 에러 발생함특별히 'csrf'와 관련해서 에러에 표시되는 부분이 없음# html 파일# 서버에서 csrf 정보를 가져옴 # js 파일# html의 csrf 정보를 참조하여 header에 설정함form.submit({ params: { '_csrf': document.getElementById('_csrf').innerText }, success: function(form, action) { }, failure: function(form, action) { }});2. 서버와 연동성공/실패 handler 추가 @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exce..

# data.put에 들어가는 값이 null이면, json 결과에서 제외 됨# targetUrl = null이면, response에 referer가 빠짐response.setContentType("application/json;charset=UTF-8");response.setStatus(HttpServletResponse.SC_OK);JSONObject data = new JSONObject();data.put("success", true);data.put("msg", "테스트 성공!!");data.put("referer", targetUrl);PrintWriter writer = response.getWriter();writer.print(data);writer.flush();

sencha에서도 적용됨window.location.href = "https://www.naver.com";# referer 적용window.location.href = document.referrer;

환경설정에 handler 추가 @Autowired private CustomAuthenticationSuccessHandler customAuthenticationSuccessHandler; @Autowired private CustomAuthenticationFailureHandler customAuthenticationFailureHandler; @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http.authorizeHttpRequests((requests) -> requests .requestMatchers(exceptUrl).permitAll() ...

@RequestMapping("/login") public String login(HttpServletRequest request, HttpServletResponse response) { // case1 HttpSession session = request.getSession(); log.debug(session.getAttribute("SPRING_SECURITY_SAVED_REQUEST")); // case2 RequestCache requestCache = new HttpSessionRequestCache(); SavedRequest savedRequest = requestCache.getRequest(request, response); ..