diff --git a/docs/RELEASE-NOTES.md b/docs/RELEASE-NOTES.md index 11fae53..404631e 100644 --- a/docs/RELEASE-NOTES.md +++ b/docs/RELEASE-NOTES.md @@ -4,6 +4,16 @@ ## [Unreleased] +## [2026-04-08] + +### 변경 +- Basic Auth 인증 비활성화 (프록시 서버로 인증 이관) +- Swagger Basic Auth 보안 스키마 제거 +- 프론트엔드 API 계정 신청/관리 메뉴 숨김 + +### 수정 +- actuator 경로 로그필터가 context-path 환경에서 동작하지 않는 버그 수정 (#6) + ## [2026-04-07] ### 수정 diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx index d7dffa0..cf7f7d1 100644 --- a/frontend/src/App.tsx +++ b/frontend/src/App.tsx @@ -11,9 +11,6 @@ const BypassConfig = lazy(() => import('./pages/BypassConfig')); const BypassCatalog = lazy(() => import('./pages/BypassCatalog')); const ScreeningGuide = lazy(() => import('./pages/ScreeningGuide')); const RiskComplianceHistory = lazy(() => import('./pages/RiskComplianceHistory')); -const BypassAccountRequests = lazy(() => import('./pages/BypassAccountRequests')); -const BypassAccountManagement = lazy(() => import('./pages/BypassAccountManagement')); -const BypassAccessRequest = lazy(() => import('./pages/BypassAccessRequest')); function AppLayout() { const { toasts, removeToast } = useToastContext(); @@ -41,9 +38,6 @@ function AppLayout() { } /> } /> - } /> - } /> - } /> } /> } /> diff --git a/frontend/src/components/Navbar.tsx b/frontend/src/components/Navbar.tsx index ab6f99f..2f37c3c 100644 --- a/frontend/src/components/Navbar.tsx +++ b/frontend/src/components/Navbar.tsx @@ -30,9 +30,6 @@ const MENU_STRUCTURE: MenuSection[] = [ children: [ { id: 'bypass-catalog', label: 'API 카탈로그', path: '/bypass-catalog' }, { id: 'bypass-config', label: 'API 관리', path: '/bypass-config' }, - { id: 'bypass-account-requests', label: '계정 신청 관리', path: '/bypass-account-requests' }, - { id: 'bypass-account-management', label: '계정 관리', path: '/bypass-account-management' }, - { id: 'bypass-access-request', label: 'API 계정 신청', path: '/bypass-access-request' }, ], }, { diff --git a/frontend/src/pages/MainMenu.tsx b/frontend/src/pages/MainMenu.tsx index d580582..65abce9 100644 --- a/frontend/src/pages/MainMenu.tsx +++ b/frontend/src/pages/MainMenu.tsx @@ -5,11 +5,11 @@ const sections = [ { title: 'S&P Global API', description: 'S&P Global Maritime API', - detail: 'API 카탈로그, API 계정 신청', + detail: 'API 카탈로그, API 설정 관리', path: '/bypass-catalog', icon: '🌐', iconClass: 'gc-card-icon gc-card-icon-guide', - menuCount: 5, + menuCount: 2, }, { title: 'S&P Risk & Compliance', diff --git a/src/main/java/com/snp/batch/api/logging/ApiAccessLoggingFilter.java b/src/main/java/com/snp/batch/api/logging/ApiAccessLoggingFilter.java index 2322337..d47f40a 100644 --- a/src/main/java/com/snp/batch/api/logging/ApiAccessLoggingFilter.java +++ b/src/main/java/com/snp/batch/api/logging/ApiAccessLoggingFilter.java @@ -58,7 +58,7 @@ public class ApiAccessLoggingFilter extends OncePerRequestFilter { } private boolean shouldSkip(String uri) { - return uri.startsWith("/actuator") + return uri.contains("/actuator") || uri.startsWith("/css") || uri.startsWith("/js") || uri.startsWith("/images") diff --git a/src/main/java/com/snp/batch/global/config/SecurityConfig.java b/src/main/java/com/snp/batch/global/config/SecurityConfig.java index 066a12d..04297da 100644 --- a/src/main/java/com/snp/batch/global/config/SecurityConfig.java +++ b/src/main/java/com/snp/batch/global/config/SecurityConfig.java @@ -33,12 +33,8 @@ public class SecurityConfig { .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .authorizeHttpRequests(auth -> auth - .requestMatchers("/api/compliance/**").authenticated() - .requestMatchers("/api/risk/**").authenticated() .anyRequest().permitAll() - ) - .httpBasic(basic -> basic - .authenticationEntryPoint(new BypassAuthenticationEntryPoint())); + ); return http.build(); } diff --git a/src/main/java/com/snp/batch/global/config/SwaggerConfig.java b/src/main/java/com/snp/batch/global/config/SwaggerConfig.java index 08f381c..59dad41 100644 --- a/src/main/java/com/snp/batch/global/config/SwaggerConfig.java +++ b/src/main/java/com/snp/batch/global/config/SwaggerConfig.java @@ -1,12 +1,9 @@ package com.snp.batch.global.config; -import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.OpenAPI; import io.swagger.v3.oas.models.info.Contact; import io.swagger.v3.oas.models.info.Info; import io.swagger.v3.oas.models.info.License; -import io.swagger.v3.oas.models.security.SecurityRequirement; -import io.swagger.v3.oas.models.security.SecurityScheme; import io.swagger.v3.oas.models.servers.Server; import org.springdoc.core.models.GroupedOpenApi; import org.springframework.beans.factory.annotation.Value; @@ -77,7 +74,6 @@ public class SwaggerConfig { .title("Bypass API") .description("S&P Global 선박/해운 데이터를 제공합니다.") .version("v1.0.0")); - openApi.addSecurityItem(new SecurityRequirement().addList("basicAuth")); }) .build(); } @@ -115,13 +111,7 @@ public class SwaggerConfig { return new OpenAPI() .info(defaultApiInfo()) - .servers(servers) - .components(new Components() - .addSecuritySchemes("basicAuth", - new SecurityScheme() - .type(SecurityScheme.Type.HTTP) - .scheme("basic") - .description("Bypass API 접근 계정 (발급된 ID/PW 사용)"))); + .servers(servers); } private Info defaultApiInfo() {