Spring Security Grails 3.0 YML Mappings

grails spring security tutorial
grails spring security login controller
grails 4 spring security
grails spring security custom authentication provider
grails spring security rest
grails spring security ui
grails 3 spring security tutorial
spring security 3

I am looking at the documentation of the grails spring security core v3. Grails Spring Security Plugin v3 My aim is to configure url mappings in the yml file, as opposed to it being scattered throughout the code. Their documentation says, that to do this, we must do two things. First, set the

securityConfigType: 'InterceptUrlMap'

and then outline our patterns in the following format:

grails.plugin.springsecurity.interceptUrlMap = [
   [pattern: '/',               access: ['permitAll']]
]

so I have done just that, in the code below: (Note, this is from their documentation, copied and pasted)

grails:
    plugin:
        springsecurity:
            securityConfigType: 'InterceptUrlMap'
            interceptUrlMap: [
                [pattern: '/',               access: ['permitAll']],
                [pattern: '/error',          access: ['permitAll']],
                [pattern: '/index',          access: ['permitAll']],
                [pattern: '/index.gsp',      access: ['permitAll']],
                [pattern: '/shutdown',       access: ['permitAll']],
                [pattern: '/assets/**',      access: ['permitAll']],
                [pattern: '/**/js/**',       access: ['permitAll']],
                [pattern: '/**/css/**',      access: ['permitAll']],
                [pattern: '/**/images/**',   access: ['permitAll']],
                [pattern: '/**/favicon.ico', access: ['permitAll']],
                [pattern: '/login/**',       access: ['permitAll']],
                [pattern: '/logout/**',      access: ['permitAll']]
            ]

However, when trying to access my webpage, with the newly built war file, I get an error stating this:

groovy.lang.MissingMethodException: No signature of method: grails.plugin.springsecurity.ReflectionUtils$_splitMap_closure5.doCall() is applicable for argument types: (java.util.ArrayList) values: [[[pattern:/], [access:[permitAll]]]]
Possible solutions: doCall(java.util.Map), findAll(), findAll(), isCase(java.lang.Object), isCase(java.lang.Object)

I am not sure what the issue here is. If i make grails 3.0 use the s2-quickstart generated groovy script, everything works as intended. However, considering 100% of my other configuration is in the YML file, I certainly do not want to go that route.

Am I missing some obvious property here, that needs to be set?

After looking at that error, what I did is I tried to create the mappings using a list of maps. So your code, would turn to something like this:

interceptUrlMap: [
    {pattern: '/',               access: ['permitAll']},
    {pattern: '/error',          access: ['permitAll']},
    {pattern: '/index',          access: ['permitAll']},
    {pattern: '/index.gsp',      access: ['permitAll']},
    {pattern: '/shutdown',       access: ['permitAll']},
    {pattern: '/assets/**',      access: ['permitAll']},
    {pattern: '/**/js/**',       access: ['permitAll']},
    {pattern: '/**/css/**',      access: ['permitAll']},
    {pattern: '/**/images/**',   access: ['permitAll']},
    {pattern: '/**/favicon.ico', access: ['permitAll']},
    {pattern: '/login/**',       access: ['permitAll']},
    {pattern: '/logout/**',      access: ['permitAll']}
]

I have used this on my local Grails 3.0 application, and it seems to work just fine.

Spring Security Core Plugin, 3.0.3 release The plugin's configuration values all start with grails.plugin.​springsecurity to make any required configuration changes in application.​groovy / application.yml . staticRules and interceptUrlMap (see Configuring Request Mappings to Secure URLs), ipRestrictions (see IP Address Restrictions), filterChain. I tried to add spring security to a slightly older grails project (started with intellij 15.0.1 and grails 3.0.9). Adding the dependencies was successful and rebuilding it made the plugin available, also in the grails console.

That didn't work for me for some reason in 3.2.4. Here's what did:

interceptUrlMap:
    - {pattern: '/password/change**', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/user/create', access: ['IS_AUTHENTICATED_ANONYMOUSLY']}
    - {pattern: '/user/save', access: ['IS_AUTHENTICATED_ANONYMOUSLY']}
    - {pattern: '/user/**', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/my/**', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/j_spring_security_exit_user', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/j_spring_security_switch_user', access: ['ROLE_ADMIN', 'ROLE_SWITCH_USER']}
    - {pattern: '/admin/**', access: ['ROLE_ADMIN']}

The Grails Framework 4.0.3, 8.3.3Redirects In URL Mappings 17.5.1Spring Security Also you should configure the necessary excludes for Spring Developer Tools in application.yml :. 16.5.1 Spring Security The Spring Security plugins are built on the Spring Security project which provides a flexible, extensible framework for building all sorts of authentication and authorization schemes. The plugins are modular so you can install just the functionality that you need for your application.

Change this:

interceptUrlMap:
    - {pattern: '/password/change**', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/user/create', access: ['IS_AUTHENTICATED_ANONYMOUSLY']}
    - {pattern: '/user/save', access: ['IS_AUTHENTICATED_ANONYMOUSLY']}
    - {pattern: '/user/**', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/my/**', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/j_spring_security_exit_user', access: ['IS_AUTHENTICATED_REMEMBERED']}
    - {pattern: '/j_spring_security_switch_user', access: ['ROLE_ADMIN', 'ROLE_SWITCH_USER']}
    - {pattern: '/admin/**', access: ['ROLE_ADMIN']}

to this:

interceptUrlMap: [
            {pattern: '/',               access: ['permitAll']},
            {pattern: '/error',          access: ['permitAll']},
            {pattern: '/index',          access: ['permitAll']},
            {pattern: '/index.gsp',      access: ['permitAll']},
            {pattern: '/shutdown',       access: ['permitAll']},
            {pattern: '/assets/**',      access: ['permitAll']},
            {pattern: '/**/js/**',       access: ['permitAll']},
            {pattern: '/**/css/**',      access: ['permitAll']},
            {pattern: '/**/images/**',   access: ['permitAll']},
            {pattern: '/**/favicon.ico', access: ['permitAll']},
            {pattern: '/login/**',       access: ['permitAll']},
            {pattern: '/logout/**',      access: ['permitAll']}
        ]

Grails Spring Security Core Plugin Custom Authentication, Shows how to create a custom authentication with Spring Security Core Plugin. Spring Security Core Plugin to achieve such a login in a Grails 3 application. false, unique: true } static mapping = { password column: '`password`' autowire true } } We have a list of valid positions as a configuration list in application.yml. The Spring Security plugin simplifies the integration of Spring Security into Grails applications. The plugin provides sensible defaults with many configuration options for customization. Nearly everything is configurable or replaceable in the plugin and in Spring Security itself, which makes extensive use of interfaces.

The Grails Framework 3.0.17, 7.4.3Redirects In URL Mappings 19.1Using Hibernate XML Mapping Files called Groovy Server Pages (GSP); A controller layer built on Spring MVC  kschmit90 changed the title Grails 3.0: When app has context path, url mappings only working for '/context/' when spring security implemented. Grails 3.0: When app has context path, url mappings only working for '/context/' with trailing slash when spring security implemented. Jun 17, 2015

The Grails Framework 3.1.1, 3Upgrading from previous versions of Grails 20.1Using Hibernate XML Mapping Files compile 'org.springframework.security:spring-security-core:3.2.9​. Spring Security Core plugin is probably the most famous security plugin in the Grails ecosystem. Lets create a simple app to publish product announcements: I create a domain class to store the product announcements. I add a message field to store the announcement and a dateCreated field to use Grails autoTimestamp capabilities.

3 Upgrading from Grails 3.3.x 4.0.3, 17Security grails.gorm.default.mapping = { id generator: 'identity' } See the migration guide and release notes if you are using Spring specific features. configure the necessary excludes for Spring Developer Tools in application.yml :. Include the grails-spring-<version>.jar file in your classpath to use BeanBuilder in a regular Spring MVC application. Then add the following <context-param> values to your /WEB-INF/web.xml file:

Comments
  • Works perfectly for 3.1.2! Thank you!