Using grails spring security to protect urls with http method

Question

Using grails spring security to protect urls with http method

I am using spring security 1.2.7.3 and I want to protect URLs using the http method, in other words, I need something like this in my config.groovy:

grails.plugins.springsecurity.interceptUrlMap = [
    '/api/person/**':  ['ROLE_ADMIN'], //IF HTTP "POST"
    '/api/person/**':  ['IS_AUTHENTICATED_ANONYMOUSLY'], //IF HTTP "GET"
}

Is it possible? I know that, of course, there are other ways to achieve this, but I prefer to solve the problem this way.

ps this question has already been asked here .

+4

spring-security grails http-method

ux11 Aug 14 '14 at 8:20

source share

1 answer

th3morg · Accepted Answer · 2014-10-21T18:21:13+0000

I tested the following and it seemed to work quite well:

grails.plugin.springsecurity.securityConfigType = SecurityConfigType.InterceptUrlMap
grails.plugin.springsecurity.interceptUrlMap = [
    '/myFirst/**': ["request.getMethod().equals('GET') || hasRole('ROLE_ADMIN')"],
    '/mySecond/**': ["permitAll"]
]

request.getMethod() , , || .

http://grails-plugins.imtqy.com/grails-spring-security-core/guide/requestMappings.html

"api/person/**", , , , interceptUrlMap. , || & &.

Using grails spring security to protect urls with http method

More articles: