10. 상품 등록 페이지의 보안 처리하기
2020. 11. 18. 13:33
728x90
1. 웹 서버에 사용자와 역할 설정하기
Server -> tomcat-user.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
--><tomcat-users version="1.0" xmlns="http://tomcat.apache.org/xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd">
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary. It is
strongly recommended that you do NOT use one of the users in the commented out
section below since they are intended for use with the examples web
application.
-->
<!--
NOTE: The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
them. You will also need to set the passwords to something appropriate.
-->
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="admin" />
<user username="tomcat" password="tomcat1234" roles="tomcat"/>
<user username="both" password="both1234" roles="tomcat,role1"/>
<user username="role1" password="role1234" roles="role1"/>
<user username="admin" password="1234" roles="admin" />
</tomcat-users>
2. 웹 애플리케이션 배포 성명자 web.xml 만들기
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app>
<security-role>
<description></description>
<role-name>admin</role-name>
</security-role>
<security-constraint>
<display-name>WebMarket Security</display-name>
<web-resource-collection>
<web-resource-name>WebMarket</web-resource-name>
<description></description>
<url-pattern>/addProduct.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>권한 권리자명</description>
<rols-name>admin</rols-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login_failed.jsp</form-error-page>
</form-login-config>
</login-config>
</web-app>3. 로그인 페이지 만들기
login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
<link rel="stylesheet" href="./resource/css/bootstrap.min.css" />
</head>
<body>
<jsp:include page="Menu.jsp" />
<div class="jumbotron">
<div class="container">
<h1 class="display-3">로그인</h1>
</div>
</div>
<div class="container" align="center">
<div class="col-md-4 col-md-offset-4">
<h3 class="form-signin-heading">Please sign in</h3>
<%
String error = request.getParameter("error");
if(error != null){
out.println("<div class='alert alert-danger'>");
out.println("아이디와 비밀번호를 확인해주세요");
out.println("</div>");
}
%>
<form class="form-signin" action="j_security_check" method="post">
<div class="form-group">
<label for="inputUserName" class="sr-only">User Name</label>
<input type="text" class="form-control" placeholder="ID" name='j_username' required autofocus>
</div>
<div class="form-group">
<label for="inputPasswrod" class="sr-only">Password</label>
<input type="password" class="form-control" placeholder="Password" name='j_password' required>
</div>
<button class="btn btn btn-lg btn-success btn-block" type="submit">로그인</button>
</form>
</div>
</div>
</body>
</html>
4. 로그인 인증 실패 페이지 만들기
login_failed.jsp
<%
response.sendRedirect("login.jsp?error=1");
%>
5. 로그아웃 페이지 만들기
logout.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%
session.invalidate();
response.sendRedirect("addProduct.jsp");
%>6. 상품 등록 페이지 수정하기
addProduct.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>상품 등록</title>
<link rel="stylesheet" href="./resources/css/bootstrap.min.css">
<script type="text/javascript" src="./resources/js/validation.jsp">
</script>
</head>
<body>
<fmt:setLocale value='<%=request.getParameter("language") %>' />
<fmt:bundle basename="bundle.message">
<%@ include file="Menu.jsp" %>
<div class="jumbotron">
<div class="container">
<h1 class="display-3"><fmt:message key="title" /> </h1>
</div>
</div>
<div class="container">
<div class="text-right">
<a href="?language=ko">Korean</a>
|
<a href="?language=en">English</a>
<a href="logout.jsp" class="btn btn-sm btn-success puul-right">logout</a>
</div>
<form name="newProduct" action="./processAddProduct.jsp"
class="form-horizontal" method="post">
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="productId" /></label>
<div class="col-sm-3">
<input type="text" id="productId" name="productId" class="form-control">
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="pname" /></label>
<div class="col-sm-3">
<input type="text" id="name" name="name" class="form-control">
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="unitPrice" /></label>
<div class="col-sm-3">
<input type="text" id="unitPrice" name="unitPrice" class="form-control">
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="description" /></label>
<div class="col-sm-3">
<textarea name="description" cols="50" rows="2"></textarea>
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="manufacturer" /></label>
<div class="col-sm-3">
<input type="text" name="manufacturer" class="form-control">
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="category" /></label>
<div class="col-sm-3">
<input type="text" name="category" class="form-control">
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="unitsInStock" /></label>
<div class="col-sm-3">
<input type="text" id="unitsInStock" name="unitsInStock" class="form-control">
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="condition" /></label>
<div class="col-sm-5">
<input type="radio" name="condition" value="New " >
<fmt:message key="condition_New" />
<input type="radio" name="condition" value="Old " >
<fmt:message key="condition_Old" />
<input type="radio" name="condition" value="Refurbished " >
<fmt:message key="condition_Refurbished" />
</div>
</div>
<div class="form-group row">
<label class="col-sm-2"><fmt:message key="productImage" /></label>
<div class="col-sm-5">
<input type="file" name="productImage" class="form-control">
</div>
</div>
<div class="form-group row">
<div class="col-sm-offset-2 col-sm-10">
<input type="button" class="btn btn-primary" value="<fmt:message key="button" />" onclick="CheckAddProduct()">
</div>
</div>
</form>
</div>
<%@ include file="Footer.jsp" %>
</fmt:bundle>
</body>
</html>
728x90
반응형
'Code > Market' 카테고리의 다른 글
| 12. 로그 기록하기 (0) | 2020.11.18 |
|---|---|
| 11. 예외 처리 페이지 만들기 (0) | 2020.11.18 |
| 09. 상품 등록 페이지의 다국어 처리하기 (0) | 2020.11.18 |
| 08. 상품 등록 데이터의 유효성 검사하기 (0) | 2020.09.29 |
| 07. 상품 이미지 등록하기 (0) | 2020.09.29 |