{"id":2444,"date":"2021-07-26T16:33:59","date_gmt":"2021-07-26T07:33:59","guid":{"rendered":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=2444"},"modified":"2021-07-27T13:45:21","modified_gmt":"2021-07-27T04:45:21","slug":"spring-boot-cookie-httponly","status":"publish","type":"post","link":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=2444","title":{"rendered":"Spring Boot Session Security"},"content":{"rendered":"

Spring Boot Session Security<\/h1>\n

\ucc38\uc870<\/a><\/p>\n

Spring Boot Session<\/h2>\n

\uc2a4\ud504\ub9c1 \ubd80\ud2b8\uc5d0\uc11c\uc758 \uc138\uc158\uc740 \uc720\ud6a8\uc2dc\uac04\uc774 15\ubd84\uc785\ub2c8\ub2e4.
\n15\ubd84\ub3d9\uc548 \uc0ac\uc6a9\uc790\uac00 \uc544\ubb34\ub7f0 \ud589\ub3d9\uc744 \ud558\uc9c0 \uc54a\uc73c\uba74,
\n\uc720\ud6a8\uc2dc\uac04\uc774 \uc885\ub8cc\ub418\uba70, \ub85c\uadf8\uc778\uc774 \ud480\ub9ac\uac8c \ub429\ub2c8\ub2e4.<\/p>\n

\ub610\ud55c, \ucfe0\ud0a4 JSESSIONID<\/code> \ub3c4 \uc720\uc9c0\ub418\uc5b4\uc57c \ud569\ub2c8\ub2e4.
\n\ub514\ud3f4\ud2b8\ub85c JSESSIONID<\/code> \uc758 \uc720\uc9c0\uc2dc\uac04\uc740 \ube0c\ub77c\uc6b0\uc800 \uc885\ub8cc(\ube0c\ub77c\uc6b0\uc800 \ud0ed X)\uc2dc \uc0ac\ub77c\uc9d1\ub2c8\ub2e4.
\n\ub2f9\uc5f0\ud788 \ub85c\uadf8\uc778\ub3c4 \ud480\ub9bd\ub2c8\ub2e4.<\/p>\n

\uc544\ub798 \uc124\uc815\uc73c\ub85c \ub85c\uadf8\uc778 \uc720\uc9c0\uc2dc\uac04\uc744 \ub298\ub9b4 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n

application.yml<\/p>\n

server:\n  servlet:\n    session:\n      timeout: 43200m      # 60m * 24h * 30d\n      cookie:\n        max-age: 43200m    # 60m * 24h * 30d\n        name: SID\n        http-only: true\n        secure: true<\/code><\/pre>\n
JSESSIONID<\/h2>\n
httpOnly<\/h3>\n
\"\"<\/a><\/p>\n
JSESSIONID<\/code> \uac00 \ud0c8\ucde8\ub418\uba74, \ub204\uad6c\ub098 \ub85c\uadf8\uc778\ub41c \uc0c1\ud0dc\ub85c \uc0ac\uc774\ud2b8\uc5d0 \uc811\uadfc \uac00\ub2a5\ud574\uc9d1\ub2c8\ub2e4.<\/p>\n
\ucfe0\ud0a4 JSESSIONID<\/code> \ub294 \ub514\ud3f4\ud2b8\ub85c httpOnly<\/code> \ub85c \uc124\uc815\ub418\uc5b4 \uc788\uc2b5\ub2c8\ub2e4.
\n\uc989, \ube0c\ub77c\uc6b0\uc800\uc5d0\uc11c \uc0ac\uc6a9\ub418\ub294 \uc790\ubc14\uc2a4\ud06c\ub9bd\ud2b8\uc5d0\uc11c\ub294 \uc811\uadfc\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.
\n\uac1c\ubc1c\uc790\ub3c4 \uc0ac\uc6a9 \ubabb\ud558\uace0, \ud574\ucee4\ub3c4 \ud0c8\ucde8\ubabb\ud569\ub2c8\ub2e4.<\/p>\n
\ud558\uc9c0\ub9cc \uc774\uac78\ub85c \ucda9\ubd84\ud55c\uac8c \uc544\ub2d9\ub2c8\ub2e4.<\/p>\n
\ud574\ucee4\uac00 \uc0ac\uc6a9\uc790\uc758 PC \uc640 \uc11c\ubc84 \uc0ac\uc774\uc758 \uc778\ud130\ub137 \ub77c\uc778\uc5d0 \uc811\uadfc\ud55c\ub2e4\uba74…
\n\uac04\ub2e8\ud788 \uc0ac\uc6a9\uc790\uac00 \uc0ac\ubb34\uc2e4\uc5d0\uc11c \uc11c\ubc84\uc5d0 \uc811\uadfc\ud558\uace0,
\n\ud574\ucee4\uac00 \uc0ac\ubb34\uc2e4 \uc778\ud130\ub137\uc744 \uc0ac\uc6a9\ud560 \uc218 \uc788\ub2e4\uba74…<\/p>\n
\ud328\ud0b7 \uc2a4\ub2c8\ud551\uc744 \uc774\uc6a9\ud574 JSESSIONID<\/code> \ub97c \ud0c8\ucde8\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n
Secure<\/h3>\n
https \uc77c\ub54c\ub9cc \ucfe0\ud0a4\ub97c \uc804\uc1a1\ud558\ub294 \ud50c\ub798\uadf8\uc785\ub2c8\ub2e4.<\/p>\n
\ud328\ud0b7 \uc2a4\ub2c8\ud551\uc744 \ud574\ub3c4 https \ub294 \ub370\uc774\ud0c0\ub97c \ubcfc \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.<\/p>\n
\uc774\uac78 \uc774\uc6a9\ud574, \uac80\uc99d\uc6a9 \ucfe0\ud0a4\ub97c Secure<\/code> \ud50c\ub798\uadf8\ub97c \ubd99\uc5ec\uc11c \ub9cc\ub4e4\uc5b4 \ub450\uba74,
\n\ud0c8\ucde8\ub2f9\ud55c \ucfe0\ud0a4\uc778\uc9c0 \uc815\uc0c1\uc801\uc778 \ucfe0\ud0a4\uc778\uc9c0 \ud655\uc778\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n
Session \uc800\uc7a5\uacf5\uac04<\/h2>\n
\uc138\uc158\uc740 \ub514\ud3f4\ud2b8\ub85c \uba54\ubaa8\ub9ac\uc5d0 \uc800\uc7a5\ub429\ub2c8\ub2e4.<\/p>\n
\uc774\ub85c \uc778\ud574 \uba87\uac00\uc9c0 \ubb38\uc81c\uac00 \ubc1c\uc0dd\ud569\ub2c8\ub2e4.<\/p>\n
\uccab\uc9f8\ub85c, \uc11c\ubc84 \uc7ac\ubd80\ud305\ub9c8\ub2e4 \uc0ac\uc6a9\uc790 \ub85c\uadf8\uc778\uc774 \ud480\ub9bd\ub2c8\ub2e4.<\/p>\n
\ub458\uc9f8, \uba54\ubaa8\ub9ac\uc758 \ud55c\uacc4\ub85c \ub9ce\uc740 \uc591\uc758 \uc138\uc158\uc815\ubcf4\ub97c \uc800\uc7a5\ud558\uc9c0 \ubabb\ud558\uac8c \ub429\ub2c8\ub2e4.<\/p>\n
\uc138\uc9f8, \uc11c\ube44\uc2a4 \ubd80\ud558 \ubd84\uc0b0\uc744 \uc704\ud574 \ubcd1\ub82c\uc11c\ubc84 \uad6c\uc131\uc2dc, A \uc11c\ubc84\uc5d0\uc11c \ub85c\uadf8\uc778\ud588\ub2e4\uace0 \ud574\ub3c4,
\n\ub2e4\uc74c\uc5d0 B\uc11c\ubc84\uc5d0 \uc811\uc18d\ud558\uac8c \ub418\uba74 \ub85c\uadf8\uc778\uc774 \uc548\ub418\uc5b4 \uc788\ub294 \uc0c1\ud0dc\uac00 \ub429\ub2c8\ub2e4.<\/p>\n
\uc774\ub97c \ud574\uacb0\ud558\uae30 \uc704\ud574, \uc138\uc158\uc744 JDBC \uc5d0 \uc800\uc7a5\ud558\uac70\ub098, Redis \uc640 \uac19\uc740
\n\uce90\uc2dc \uc2dc\uc2a4\ud15c\uc5d0 \uc800\uc7a5\ud558\ub294 \ubc29\uc2dd\uc774 \uc0ac\uc6a9\ub429\ub2c8\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"
Spring Boot Session Security \ucc38\uc870 Spring Boot Session \uc2a4\ud504\ub9c1 \ubd80\ud2b8\uc5d0\uc11c\uc758 \uc138\uc158\uc740 \uc720\ud6a8\uc2dc\uac04\uc774 15\ubd84\uc785\ub2c8\ub2e4. 15\ubd84\ub3d9\uc548 \uc0ac\uc6a9\uc790\uac00 \uc544\ubb34\ub7f0 \ud589\ub3d9\uc744 \ud558\uc9c0 \uc54a\uc73c\uba74, \uc720\ud6a8\uc2dc\uac04\uc774 \uc885\ub8cc\ub418\uba70, \ub85c\uadf8\uc778\uc774 \ud480\ub9ac\uac8c \ub429\ub2c8\ub2e4. \ub610\ud55c, \ucfe0\ud0a4 JSESSIONID \ub3c4 \uc720\uc9c0\ub418\uc5b4\uc57c \ud569\ub2c8\ub2e4. \ub514\ud3f4\ud2b8\ub85c JSESSIONID \uc758 \uc720\uc9c0\uc2dc\uac04\uc740 \ube0c\ub77c\uc6b0\uc800 \uc885\ub8cc(\ube0c\ub77c\uc6b0\uc800 \ud0ed X)\uc2dc \uc0ac\ub77c\uc9d1\ub2c8\ub2e4. \ub2f9\uc5f0\ud788 \ub85c\uadf8\uc778\ub3c4 \ud480\ub9bd\ub2c8\ub2e4. \uc544\ub798 \uc124\uc815\uc73c\ub85c \ub85c\uadf8\uc778 \uc720\uc9c0\uc2dc\uac04\uc744 \ub298\ub9b4 \uc218 \uc788\uc2b5\ub2c8\ub2e4. application.yml server: servlet: session: timeout: 43200m\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-2444","post","type-post","status-publish","format-standard","hentry","category-spring-boot-2-5"],"_links":{"self":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/2444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2444"}],"version-history":[{"count":8,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/2444\/revisions"}],"predecessor-version":[{"id":2458,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/2444\/revisions\/2458"}],"wp:attachment":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}