开发者

Admin-only access to spring security ui controllers in grails

开发者 https://www.devze.com 2023-03-31 06:41 出处:网络
I would like to restrict access only for ROLE_ADMIN users to all controllers introduced by th开发者_JAVA技巧e Spring Security UI plugin in grails. (I am using grails 1.3.7, plugins.spring-security-cor

I would like to restrict access only for ROLE_ADMIN users to all controllers introduced by th开发者_JAVA技巧e Spring Security UI plugin in grails. (I am using grails 1.3.7, plugins.spring-security-core=1.1.3 and plugins.spring-security-ui=0.1.2)

I can run the config script and create a blank controller for each of the various controllers the ui plugin defines, and decorate that blank controller with @Secured(['ROLE_ADMIN']), but that seems like a tedious and unnecessary approach. Is there a better way?

Thanks,

Gene


Since you're using annotations, the easiest way is to use the controllerAnnotations.staticRules config option. This is for static resources and controllers like these where you shouldn't edit them (or jump through hoops to secure them).

See section "5.1 Defining Secured Annotations" in http://grails-plugins.github.com/grails-spring-security-core/docs/manual/

0

精彩评论

暂无评论...
验证码 换一张
取 消