Creditto-FISA · JayongLee · Dec 10, 2025 · Dec 6, 2025 · Dec 6, 2025 · Dec 6, 2025
diff --git a/build.gradle b/build.gradle
@@ -35,6 +35,8 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     implementation 'org.springframework.security:spring-security-crypto'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-data-redis'
+    implementation 'org.redisson:redisson-spring-boot-starter:3.45.1'
     implementation 'io.micrometer:micrometer-tracing-bridge-brave'
     implementation 'io.zipkin.reporter2:zipkin-reporter-brave'
 	implementation 'me.paulschwarz:spring-dotenv:4.0.0'

diff --git a/src/main/java/org/creditto/core_banking/CoreBankingApplication.java b/src/main/java/org/creditto/core_banking/CoreBankingApplication.java
@@ -2,10 +2,12 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
 import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
 @EnableJpaAuditing
 @SpringBootApplication
+@ConfigurationPropertiesScan
 public class CoreBankingApplication {
 
 	public static void main(String[] args) {

diff --git a/src/main/java/org/creditto/core_banking/domain/account/repository/AccountRepository.java b/src/main/java/org/creditto/core_banking/domain/account/repository/AccountRepository.java
@@ -1,16 +1,19 @@
 package org.creditto.core_banking.domain.account.repository;
 
+import jakarta.persistence.LockModeType;
+import jakarta.persistence.QueryHint;
+import java.math.BigDecimal;
+import java.util.List;
+import java.util.Optional;
 import org.creditto.core_banking.domain.account.dto.AccountSummaryRes;
 import org.creditto.core_banking.domain.account.entity.Account;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Lock;
 import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.jpa.repository.QueryHints;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 
-import java.math.BigDecimal;
-import java.util.List;
-import java.util.Optional;
-
 @Repository
 public interface AccountRepository extends JpaRepository<Account, Long> {
 
@@ -27,4 +30,9 @@ public interface AccountRepository extends JpaRepository<Account, Long> {
             "COUNT(ac), COALESCE(SUM(ac.balance), 0)) " +
             "FROM Account ac WHERE ac.userId = :userId")
     AccountSummaryRes findAccountSummaryByUserId(@Param("userId") Long userId);
+
+    @Lock(LockModeType.PESSIMISTIC_WRITE)
+    @QueryHints(@QueryHint(name = "jakarta.persistence.lock.timeout", value = "3000"))
+    @Query("SELECT a FROM Account a WHERE a.id = :id")
+    Optional<Account> findByIdForUpdate(@Param("id") Long id);
 }
diff --git a/src/main/java/org/creditto/core_banking/domain/account/service/AccountLockProperties.java b/src/main/java/org/creditto/core_banking/domain/account/service/AccountLockProperties.java
@@ -0,0 +1,29 @@
+package org.creditto.core_banking.domain.account.service;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(prefix = "core.account-lock")
+public class AccountLockProperties {
+
+    private final long waitMillis;
+    private final long leaseMillis;
+    private final String accountLockPrefix;
+
+    public AccountLockProperties(long waitMillis, long leaseMillis, String accountLockPrefix) {
+        this.waitMillis = waitMillis;
+        this.leaseMillis = leaseMillis;
+        this.accountLockPrefix = accountLockPrefix;
+    }
+
+    public long getWaitMillis() {
+        return waitMillis;
+    }
+
+    public long getLeaseMillis() {
+        return leaseMillis;
+    }
+
+    public String getAccountLockPrefix() {
+        return accountLockPrefix;
+    }
+}
diff --git a/src/main/java/org/creditto/core_banking/domain/account/service/AccountLockService.java b/src/main/java/org/creditto/core_banking/domain/account/service/AccountLockService.java
@@ -0,0 +1,92 @@
+package org.creditto.core_banking.domain.account.service;
+
+import java.util.concurrent.TimeUnit;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.creditto.core_banking.global.response.error.ErrorBaseCode;
+import org.creditto.core_banking.global.response.exception.CustomBaseException;
+import org.redisson.RedissonShutdownException;
+import org.redisson.api.RLock;
+import org.redisson.api.RedissonClient;
+import org.springframework.stereotype.Service;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class AccountLockService {
+
+    private final RedissonClient redissonClient;
+    private final AccountLockProperties accountLockProperties;
+
+    public <T> T executeWithLock(Long accountId, LockCallback<T> callback) {
+        RLock lock = redissonClient.getLock(accountLockProperties.getAccountLockPrefix() + accountId);
+        boolean redisLockAcquired = false;
+        boolean redisAvailable = true;
+
+        try {
+            redisLockAcquired = lock.tryLock(
+                    accountLockProperties.getWaitMillis(),
+                    accountLockProperties.getLeaseMillis(),
+                    TimeUnit.MILLISECONDS
+            );
+        } catch (RedissonShutdownException redisException) {
+            redisAvailable = false;
+            log.warn("Redis lock 불가, fallback 전략을 사용합니다. accountId={}, reason={}", accountId, redisException.getMessage());
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+            throw new CustomBaseException(ErrorBaseCode.ACCOUNT_LOCK_INTERRUPTED);
+        }
+
+        try {
+            if (!redisAvailable) {
+                // Redis 사용 불가 & DB 분산락만 적용
+                return callback.invokeFallback();
+            }
+
+            if (!redisLockAcquired) {
+                // Lock 획득 실패
+                throw new CustomBaseException(ErrorBaseCode.ACCOUNT_LOCK_TIMEOUT);
+            }
+
+            return callback.invoke();
+
+        } catch (InterruptedException e) {
+            // Interrupt 관련 에러
+            Thread.currentThread().interrupt();
+            throw new CustomBaseException(ErrorBaseCode.ACCOUNT_LOCK_INTERRUPTED);
+        } finally {
+            if (redisLockAcquired && lock.isHeldByCurrentThread()) {
+                try {
+                    lock.unlock();
+                } catch (RuntimeException unlockException) {
+                    log.warn("Redis lock 해제 실패. accountId={}, reason={}", accountId, unlockException.getMessage());
+                }
+            }
+        }
+    }
+
+    public void executeWithLock(Long accountId, Runnable runnable) {
+        executeWithLock(accountId, new LockCallback<Void>() {
+            @Override
+            public Void invoke() {
+                runnable.run();
+                return null;
+            }
+
+            @Override
+            public Void invokeFallback() {
+                runnable.run();
+                return null;
+            }
+        });
+    }
+
+    public interface LockCallback<T> {
+        T invoke() throws InterruptedException;
+
+        default T invokeFallback() throws InterruptedException {
+            return invoke();
+        }
+    }
+}
diff --git a/src/main/java/org/creditto/core_banking/domain/account/service/AccountService.java b/src/main/java/org/creditto/core_banking/domain/account/service/AccountService.java
@@ -28,6 +28,7 @@ public class AccountService {
     private final TransactionStrategyFactory strategyFactory;
     private final PasswordValidator passwordValidator;
     private final PasswordEncoder passwordEncoder;
+    private final AccountLockService accountLockService;
 
 
     /**
@@ -82,15 +83,16 @@ public void verifyPassword(Long accountId, String rawPassword) {
      */
     @Transactional
     public void processTransaction(Long accountId, BigDecimal amount, TxnType txnType, Long typeId) {
-        // 팩토리에서 거래 유행에 맞는 전략 호출
+        // 전략 조회
         TransactionStrategy strategy = strategyFactory.getStrategy(txnType);
 
-        // 계좌 정보 조회
-        Account account = accountRepository.findById(accountId)
-                .orElseThrow(() -> new CustomBaseException(ErrorBaseCode.NOT_FOUND_ACCOUNT));
-
-        // 거래 타입 실행
-        strategy.execute(account, amount, typeId);
+        // 분산 락 적용
+        accountLockService.executeWithLock(accountId, () -> {
+            // 비관적 락 적용
+            Account account = accountRepository.findByIdForUpdate(accountId)
+                    .orElseThrow(() -> new CustomBaseException(ErrorBaseCode.NOT_FOUND_ACCOUNT));
+            strategy.execute(account, amount, typeId);
+        });
     }
 
     public AccountRes getAccountById(Long id) {

diff --git a/...g/creditto/core_banking/domain/overseasremittance/service/RemittanceProcessorService.java b/...g/creditto/core_banking/domain/overseasremittance/service/RemittanceProcessorService.java
@@ -3,6 +3,7 @@
 import lombok.RequiredArgsConstructor;
 import org.creditto.core_banking.domain.account.entity.Account;
 import org.creditto.core_banking.domain.account.repository.AccountRepository;
+import org.creditto.core_banking.domain.account.service.AccountLockService;
 import org.creditto.core_banking.domain.exchange.dto.ExchangeReq;
 import org.creditto.core_banking.domain.exchange.dto.ExchangeRes;
 import org.creditto.core_banking.domain.exchange.entity.Exchange;
@@ -50,6 +51,7 @@ public class RemittanceProcessorService {
     private final ExchangeService exchangeService;
     private final TransactionService transactionService;
     private final RemittanceFeeService remittanceFeeService;
+    private final AccountLockService accountLockService;
 
     /**
      * 전달된 Command를 기반으로 해외송금의 모든 단계를 실행합니다.
@@ -67,7 +69,6 @@ public class RemittanceProcessorService {
     @Transactional
     public OverseasRemittanceResponseDto execute(final ExecuteRemittanceCommand command) {
 
-        // 관련 엔티티 조회
         Account account = accountRepository.findById(command.accountId())
                 .orElseThrow(() -> new CustomBaseException(NOT_FOUND_ACCOUNT));
 
@@ -98,44 +99,44 @@ public OverseasRemittanceResponseDto execute(final ExecuteRemittanceCommand comm
         // 총 차감될 금액 계산 (실제 보낼 금액 + 총 수수료)
         BigDecimal totalDeduction = actualSendAmount.add(totalFee);
 
-        // 잔액 확인
-        if (!account.checkSufficientBalance(totalDeduction)) {
-            // 실패 트랜잭션 기록
-            transactionService.saveTransaction(account, actualSendAmount, TxnType.WITHDRAWAL, null, TxnResult.FAILURE);
-            throw new CustomBaseException(ErrorBaseCode.INSUFFICIENT_FUNDS);
-        }
-
         // 3. DTO에 담겨올 ID로 Exchange 엔티티 다시 조회
-         Long exchangeId = exchangeRes.exchangeId();
-
-         Exchange savedExchange = exchangeRepository.findById(exchangeId)
-                 .orElseThrow(() -> new CustomBaseException(NOT_FOUND_EXCHANGE_RECORD));
-
-        // 5. 송금 이력 생성
-        OverseasRemittance overseasRemittance = OverseasRemittance.of(
-                recipient,
-                account,
-                regularRemittance,
-                savedExchange,
-                feeRecord,
-                actualSendAmount,
-                command
-        );
-        remittanceRepository.save(overseasRemittance);
-
-        // 수수료 차감 및 거래 내역 생성
-        if (totalFee.compareTo(BigDecimal.ZERO) > 0) {
-            account.withdraw(totalFee);
-            transactionService.saveTransaction(account, totalFee, TxnType.FEE, overseasRemittance.getRemittanceId(), TxnResult.SUCCESS);
-        }
-
-        // 송금액 차감 및 거래 내역 생성
-        account.withdraw(actualSendAmount);
-        transactionService.saveTransaction(account, actualSendAmount, TxnType.WITHDRAWAL, overseasRemittance.getRemittanceId(), TxnResult.SUCCESS);
-
-        accountRepository.save(account);
-
-        return OverseasRemittanceResponseDto.from(overseasRemittance);
+        Long exchangeId = exchangeRes.exchangeId();
+
+        Exchange savedExchange = exchangeRepository.findById(exchangeId)
+                .orElseThrow(() -> new CustomBaseException(NOT_FOUND_EXCHANGE_RECORD));
+
+        return accountLockService.executeWithLock(command.accountId(), () -> {
+            Account lockedAccount = accountRepository.findByIdForUpdate(command.accountId())
+                    .orElseThrow(() -> new CustomBaseException(NOT_FOUND_ACCOUNT));
+
+            if (!lockedAccount.checkSufficientBalance(totalDeduction)) {
+                transactionService.saveTransaction(lockedAccount, actualSendAmount, TxnType.WITHDRAWAL, null, TxnResult.FAILURE);
+                throw new CustomBaseException(ErrorBaseCode.INSUFFICIENT_FUNDS);
+            }
+
+            OverseasRemittance overseasRemittance = OverseasRemittance.of(
+                    recipient,
+                    lockedAccount,
+                    regularRemittance,
+                    savedExchange,
+                    feeRecord,
+                    actualSendAmount,
+                    command
+            );
+            remittanceRepository.save(overseasRemittance);
+
+            if (totalFee.compareTo(BigDecimal.ZERO) > 0) {
+                lockedAccount.withdraw(totalFee);
+                transactionService.saveTransaction(lockedAccount, totalFee, TxnType.FEE, overseasRemittance.getRemittanceId(), TxnResult.SUCCESS);
+            }
+
+            lockedAccount.withdraw(actualSendAmount);
+            transactionService.saveTransaction(lockedAccount, actualSendAmount, TxnType.WITHDRAWAL, overseasRemittance.getRemittanceId(), TxnResult.SUCCESS);
+
+            accountRepository.save(lockedAccount);
+
+            return OverseasRemittanceResponseDto.from(overseasRemittance);
+        });
     }
 
     private ExchangeRes exchange(Long userId, ExecuteRemittanceCommand command) {
@@ -152,4 +153,4 @@ private FeeRecord calculateFee(ExchangeRes exchangeRes, CurrencyCode currencyCod
         );
         return remittanceFeeService.calculateAndSaveFee(feeReq);
     }
-}
+}
diff --git a/src/main/java/org/creditto/core_banking/global/config/RedisConfig.java b/src/main/java/org/creditto/core_banking/global/config/RedisConfig.java
@@ -0,0 +1,28 @@
+package org.creditto.core_banking.global.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+
+@Configuration
+public class RedisConfig {
+
+    @Bean
+    public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory connectionFactory) {
+        RedisTemplate<String, Object> template = new RedisTemplate<>();
+        template.setConnectionFactory(connectionFactory);
+
+        // key:value
+        template.setKeySerializer(new StringRedisSerializer());
+        template.setValueSerializer(new GenericJackson2JsonRedisSerializer());
+
+        // hash key:value
+        template.setHashKeySerializer(new StringRedisSerializer());
+        template.setHashValueSerializer((new GenericJackson2JsonRedisSerializer()));
+
+        return template;
+    }
+}
diff --git a/src/main/java/org/creditto/core_banking/global/response/error/ErrorBaseCode.java b/src/main/java/org/creditto/core_banking/global/response/error/ErrorBaseCode.java
@@ -71,6 +71,8 @@ public enum ErrorBaseCode implements ErrorCode {
     CONFLICT(HttpStatus.CONFLICT, 409, "이미 존재하는 리소스입니다."),
     DB_CONFLICT(HttpStatus.CONFLICT, 409, "DB 관련 충돌 문제입니다."),
     DUPLICATE_REMITTANCE(HttpStatus.CONFLICT, 40911, "동일한 내용의 자동이체가 이미 등록되어 있습니다."),
+    ACCOUNT_LOCK_TIMEOUT(HttpStatus.LOCKED, 42301, "계좌 처리 대기 시간이 초과되었습니다."),
+    ACCOUNT_LOCK_INTERRUPTED(HttpStatus.LOCKED, 42302, "계좌 잠금 처리 중 오류가 발생했습니다."),
 
     /**
      * 500 INTERNAL SERVER ERROR - 서버 오류

diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -6,6 +6,11 @@ spring:
     username: ${DB_USERNAME}
     password: ${DB_PASSWORD}
     driver-class-name: com.mysql.cj.jdbc.Driver
+  data:
+    redis:
+      host: ${REDIS_HOST}
+      port: ${REDIS_PORT}
+      timeout: 2000
 
 scheduler:
   remittance:
@@ -34,3 +39,9 @@ server:
 logging:
   level:
     org.hibernate.sql: DEBUG
+
+core:
+  account-lock:
+    account-lock-prefix: ${ACCOUNT_LOCK_PREFIX}
+    wait-millis: ${ACCOUNT_LOCK_WAIT_MILLIS}
+    lease-millis: ${ACCOUNT_LOCK_LEASE_MILLIS}