운영환경처리

2026-03-10 08:39:42 +09:00
parent 43d0e55cb7
commit 5c082f7c9d
5 changed files with 58 additions and 4 deletions
--- a/src/main/java/com/kamco/cd/training/config/SecurityConfig.java
+++ b/src/main/java/com/kamco/cd/training/config/SecurityConfig.java
@@ -3,6 +3,7 @@ package com.kamco.cd.training.config;
 import com.kamco.cd.training.auth.CustomAuthenticationProvider;
 import com.kamco.cd.training.auth.JwtAuthenticationFilter;
 import java.util.List;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -25,6 +26,9 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@EnableWebSecurity
 public class SecurityConfig {

+  @Value("${cors.allowed-origins}")
+  private List<String> allowedOrigins;
+
  @Bean
  public SecurityFilterChain securityFilterChain(
      org.springframework.security.config.annotation.web.builders.HttpSecurity http,
@@ -104,15 +108,19 @@ public class SecurityConfig {
    return new BCryptPasswordEncoder();
  }

-  /** CORS 설정 */
+  /** CORS 설정 - application.yml에서 환경별로 관리 */
  @Bean
  public CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration config = new CorsConfiguration(); // CORS 객체 생성
-    config.setAllowedOriginPatterns(List.of("*")); // 도메인 허용
+
+    // application.yml에서 환경별로 설정된 도메인 사용
+    config.setAllowedOriginPatterns(allowedOrigins);
+
    config.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
    config.setAllowedHeaders(List.of("*")); // 헤더요청 Authorization, Content-Type, X-Custom-Header
    config.setAllowCredentials(true); // 쿠키, Authorization 헤더, Bearer Token 등 자격증명 포함 요청을 허용할지 설정
-    config.setExposedHeaders(List.of("Content-Disposition"));
+    config.setExposedHeaders(List.of("Content-Disposition", "Authorization"));
+    config.setMaxAge(3600L); // Preflight 요청 캐시 (1시간)

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    /** "/**" → 모든 API 경로에 대해 이 CORS 규칙을 적용 /api/** 같이 특정 경로만 지정 가능. */
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@@ -70,3 +70,11 @@ train:
    containerPrefix: kamco-cd-train
    shmSize: 16g
    ipcHost: true
+
+# CORS 설정 (개발 환경)
+cors:
+  allowed-origins:
+    - https://kamco.training-dev.gs.dabeeo.com
+    - http://localhost:3002
+    - http://192.168.2.109:3002
+    - http://192.168.2.109:7100
--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@@ -70,3 +70,8 @@ train:
    shmSize: 16g
    ipcHost: true

+# CORS 설정 (운영 환경)
+cors:
+  allowed-origins:
+    - https://train-kamco.com
+
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -54,6 +54,12 @@ logging:
        web: INFO
        security: INFO
    root: INFO
+
+# CORS 설정
+cors:
+  allowed-origins:
+    - http://localhost:3000
+    - http://localhost:3002
 # actuator
 management:
  health: