(step2) httpSecurity - SecurityContextConfigurer를 이용한 SecurityContextHolderFilter 등록

haero77 · haero77 · commit 58387a8807f9 · 2025-03-16T13:14:51.000+09:00
diff --git a/src/main/java/nextstep/security/config/annotation/web/builders/HttpSecurity.java b/src/main/java/nextstep/security/config/annotation/web/builders/HttpSecurity.java
@@ -9,6 +9,7 @@
 import nextstep.security.config.annotation.web.configurers.CsrfConfigurer;
 import nextstep.security.config.annotation.web.configurers.FormLoginConfigurer;
 import nextstep.security.config.annotation.web.configurers.HttpBasicConfigurer;
+import nextstep.security.config.annotation.web.configurers.SecurityContextConfigurer;
 
 import java.util.*;
 
@@ -67,6 +68,11 @@ public HttpSecurity authorizeHttpRequests() {
         return this;
     }
 
+    public HttpSecurity securityContext(Customizer<SecurityContextConfigurer> securityContextCustomizer) {
+        securityContextCustomizer.customize(getOrApply(new SecurityContextConfigurer()));
+        return this;
+    }
+
     public void addFilter(Filter filter) {
         this.filters.add(filter);
     }
diff --git a/src/main/java/nextstep/security/config/annotation/web/configuration/HttpSecurityConfiguration.java b/src/main/java/nextstep/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
@@ -1,6 +1,7 @@
 package nextstep.security.config.annotation.web.configuration;
 
 import nextstep.security.authentication.AuthenticationManager;
+import nextstep.security.config.Customizer;
 import nextstep.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -10,6 +11,11 @@ public class HttpSecurityConfiguration {
 
     @Bean
     HttpSecurity httpSecurity(AuthenticationManager authenticationManager) {
-        return new HttpSecurity(authenticationManager);
+        HttpSecurity http = new HttpSecurity(authenticationManager);
+
+        http
+                .securityContext(Customizer.withDefaults());
+
+        return http;
     }
 }
diff --git a/src/main/java/nextstep/security/config/annotation/web/configurers/SecurityContextConfigurer.java b/src/main/java/nextstep/security/config/annotation/web/configurers/SecurityContextConfigurer.java
@@ -0,0 +1,18 @@
+package nextstep.security.config.annotation.web.configurers;
+
+import nextstep.security.config.annotation.web.SecurityConfigurer;
+import nextstep.security.config.annotation.web.builders.HttpSecurity;
+import nextstep.security.context.SecurityContextHolderFilter;
+
+public class SecurityContextConfigurer implements SecurityConfigurer {
+
+    @Override
+    public void init(HttpSecurity http) {
+    }
+
+    @Override
+    public void configure(HttpSecurity http) {
+        SecurityContextHolderFilter filter = new SecurityContextHolderFilter();
+        http.addFilter(filter);
+    }
+}
