본문 바로가기
Developer/Spring & eGovFrame

[eGovFrame] web.xml 대체 EgovWebApplicationInitializer.java

by 순수한소년 2021. 10. 19.
728x90
반응형

 

 

https://www.egovframe.go.kr/home/qainfo/qainfoRead.do?menuNo=69&qaId=QA_00000000000019736 

 

묻고 답하기 | 표준프레임워크 포털 eGovFrame

처리중입니다. 잠시만 기다려주십시오.

www.egovframe.go.kr

@

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
package egovframework.com.cmm.config;
 
import javax.servlet.FilterRegistration;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRegistration;
 
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.WebApplicationInitializer;
import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.context.support.XmlWebApplicationContext;
import org.springframework.web.multipart.support.MultipartFilter;
import org.springframework.web.servlet.DispatcherServlet;
 
import egovframework.com.cmm.filter.HTMLTagFilter;
 
 
/**
 * EgovWebApplicationInitializer 클래스
 * <Notice>
 *        사용자 인증 권한처리를 분리(session, spring security) 하기 위해서 web.xml의 기능을 
 *        Servlet3.x WebApplicationInitializer 기능으로 처리
 * <Disclaimer>
 *        N/A
 *
* @author
 * @since 2016.06.23
 * @version 1.0
 * @see
 *
 * <pre>
 * << 개정이력(Modification Information) >>
 *
 *   수정일        수정자           수정내용
 *  -------      -------------  ----------------------
*   2016.06.23             최초 생성
*   2018.10.02             Facebook 관련 HiddenHttpMethodFilter 추가
*   2018.10.26             EgovLoginPolicyFilter 추가 (IP접근처리)
*   2018.12.03             springMultipartFilter,HTMLTagFilter 추가 (XSS방지처리)
 * </pre>
 */
 
 
public class EgovWebApplicationInitializer implements WebApplicationInitializer {
 
    @SuppressWarnings("unused")
    private static final Logger LOGGER = LoggerFactory.getLogger(EgovWebApplicationInitializer.class);
    @Override
    public void onStartup(ServletContext servletContext) throws ServletException {
        //LOGGER.info("EgovWebApplicationInitializer START-============================================");
            
        //-------------------------------------------------------------
        // Egov Web ServletContextListener 설정
        //-------------------------------------------------------------
        servletContext.addListener(new egovframework.com.cmm.context.EgovWebServletContextListener());
        
        //-------------------------------------------------------------
        // Spring CharacterEncodingFilter 설정
        //-------------------------------------------------------------
        FilterRegistration.Dynamic characterEncoding = servletContext.addFilter("encodingFilter"new org.springframework.web.filter.CharacterEncodingFilter());
        characterEncoding.setInitParameter("encoding""UTF-8");
        characterEncoding.setInitParameter("forceEncoding""true");
        characterEncoding.addMappingForUrlPatterns(nullfalse"*.do");
        //characterEncoding.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), true, "*.do");
        
        //-------------------------------------------------------------
        // Spring ServletContextListener 설정
        //-------------------------------------------------------------
        XmlWebApplicationContext rootContext = new XmlWebApplicationContext();
        rootContext.setConfigLocations(new String[] { "classpath*:egovframework/spring/com/**/context-*.xml" });
        //rootContext.setConfigLocations(new String[] { "classpath*:egovframework/spring/com/context-*.xml","classpath*:egovframework/spring/com/*/context-*.xml" });
        rootContext.refresh();
        rootContext.start();
        
        servletContext.addListener(new ContextLoaderListener(rootContext));
        
        //-------------------------------------------------------------
        // Spring ServletContextListener 설정
        //-------------------------------------------------------------
        XmlWebApplicationContext xmlWebApplicationContext = new XmlWebApplicationContext();
        xmlWebApplicationContext.setConfigLocation("/WEB-INF/config/egovframework/springmvc/egov-com-*.xml");
        ServletRegistration.Dynamic dispatcher = servletContext.addServlet("dispatcher"new DispatcherServlet(xmlWebApplicationContext));
        dispatcher.addMapping("*.do");
        //dispatcher.addMapping("/"); // Facebook OAuth 사용시 변경
        dispatcher.setLoadOnStartup(1);
        
        //-------------------------------------------------------------
        // EgovLoginPolicyFilter 설정
        //-------------------------------------------------------------    
        //FilterRegistration.Dynamic egovLoginPolicyFilter = servletContext.addFilter("LoginPolicyFilter", new EgovLoginPolicyFilter());
        //egovLoginPolicyFilter.addMappingForUrlPatterns(null, false, "/uat/uia/actionLogin.do");
            
 
        //-------------------------------------------------------------
        // HiddenHttpMethodFilter 설정 (Facebook OAuth 사용시 설정)
        //-------------------------------------------------------------
    /*    FilterRegistration.Dynamic hiddenHttpMethodFilter = servletContext.addFilter("hiddenHttpMethodFilter", new HiddenHttpMethodFilter());
        hiddenHttpMethodFilter.addMappingForUrlPatterns(null, false, "/*");*/
        
        //-------------------------------------------------------------
        // Tomcat의 경우 allowCasualMultipartParsing="true" 추가
        // <Context docBase="" path="/" reloadable="true" allowCasualMultipartParsing="true">
        //-------------------------------------------------------------
        MultipartFilter springMultipartFilter = new MultipartFilter();
        springMultipartFilter.setMultipartResolverBeanName("multipartResolver");
        FilterRegistration.Dynamic multipartFilter = servletContext.addFilter("springMultipartFilter", springMultipartFilter);
        multipartFilter.addMappingForUrlPatterns(nullfalse"*.do");
        
        //-------------------------------------------------------------
        // HTMLTagFilter의 경우는 파라미터에 대하여 XSS 오류 방지를 위한 변환을 처리합니다.
        //-------------------------------------------------------------    
        // HTMLTagFIlter의 경우는 JSP의 <c:out /> 등을 사용하지 못하는 특수한 상황에서 사용하시면 됩니다.
        // (<c:out />의 경우 뷰단에서 데이터 출력시 XSS 방지 처리가 됨)
        FilterRegistration.Dynamic htmlTagFilter = servletContext.addFilter("htmlTagFilter"new HTMLTagFilter());
        htmlTagFilter.addMappingForUrlPatterns(nullfalse"*.do");
        
        //-------------------------------------------------------------
        // Spring RequestContextListener 설정
        //-------------------------------------------------------------
        servletContext.addListener(new org.springframework.web.context.request.RequestContextListener());
        //LOGGER.info("EgovWebApplicationInitializer END-============================================");
    }
    
}
 
 cs

@

반응형
저작자표시 비영리

관련글

티스토리툴바