Databases
StackOverflow2013
Postsdbo
POinterceptUrlMap being overridden?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POinterceptUrlMap being overridden?
    text
    copied!<p>I'm working on a rather large web app that uses Grails and we are trying to implement the use of role security. When the system was set up, grails was basically granting full role access to CAS authenticated users, but when I created specific roles for each controller method, it just completely ignored the roles and continued allowing full access to authenticated users.</p> <p>Here's what I'm doing in Config.groovy:</p> <pre><code>grails.plugins.springsecurity.securityConfigType = SecurityConfigType.InterceptUrlMap grails.plugins.springsecurity.interceptUrlMap = [ "/controllerName/create": [ "hasRole( 'ROLE_CREATE' )" ], "/controllerName/remove": [ "hasRole( 'ROLE_DELETE' )" ], "/controllerName/listEntries": [ "hasRole( 'ROLE_VIEW' )" ], "/controllerName/listAllEntries": [ "hasRole( 'ROLE_VIEW' )" ], "/controllerName/getDefaultCategories": [ "hasRole( 'ROLE_VIEW' )" ] ] </code></pre> <p>The UrlConfig.goovy doesn't have an entry for controllerName.</p> <p>When the create, remove, or other services in controllerName are called by the application, it doesn't matter if the user has the specified role or not. It just acts like there is no mapping there. </p> <p>Is it possible that some other setting is overriding the interceptUrlMap? If so, where should I start to look?</p> <p>I should mention that we have to use Grails 1.3.8</p> <p>Update: I tried the lower case thing mentioned below and it still failed. However, if I just did a top level ("/controllername/**") controller entry (as opposed to specifying an action within the controller, it restricted access. Unfortunately, we want to do "/controllername/create" type security. Any thoughts?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload