User-Role hierarchies in Spring Security

06 / Sep / 2012 by Robin 2 comments

In most of our applications we use the Spring Security Core plugin for authentication, and we define some roles in it. Have you ever thought about assigning precedence to those roles? Say you have 3 roles defined in your application:

ROLE_SUPER_ADMIN, ROLE_ADMIN, ROLE_ATTENDEE.

You would use these roles like this:

    @Secured(['ROLE_ATTENDEE'])
    def dashBoard() {
        render(view: 'dashBoard')
    }

Here you are restricting access to this action. If you want it to be accessible by ADMIN as well, you have to mention that role there too,

i.e.

    @Secured(['ROLE_ATTENDEE', 'ROLE_ADMIN'])

In my project I had the same scenario. So instead of defining a list of comma-separated roles, you can define a role hierarchy in your Config.groovy as shown below:

grails.plugins.springsecurity.roleHierarchy = '''
    ROLE_SUPER_ADMIN > ROLE_ADMIN
    ROLE_ADMIN >  ROLE_ATTENDEE
'''

Here you can see that I have defined the role hierarchy as a parent-child relationship. So, as in the previous example:

    @Secured(['ROLE_ATTENDEE'])
    def dashBoard() {
        render(view: 'dashBoard')
    }

Now the action above is accessible by all parent roles. There is no need to specify all the required roles. Isn't it cool?
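To check which roles can reach each action once the hierarchy is in place, the following added example (not part of the original post and not the plugin's own code) models the resolution in plain Groovy. It shows that the hierarchy is transitive, so ROLE_SUPER_ADMIN reaches ROLE_ATTENDEE through ROLE_ADMIN; the manageUsers action and the helper names parseHierarchy and reachable are hypothetical.

```groovy
// Added example: a model of role-hierarchy resolution, not the plugin's code.
// The hierarchy string is the one from Config.groovy above.
def hierarchy = '''
    ROLE_SUPER_ADMIN > ROLE_ADMIN
    ROLE_ADMIN >  ROLE_ATTENDEE
'''

// Parse "PARENT > CHILD" lines into a map: parent -> set of direct children.
Map<String, Set<String>> parseHierarchy(String text) {
    Map<String, Set<String>> children = [:].withDefault { new LinkedHashSet<String>() }
    text.readLines()*.trim().findAll { it }.each { line ->
        def parts = line.split('>')*.trim()
        if (parts.size() != 2 || parts.any { !it }) {
            throw new IllegalArgumentException("Bad hierarchy line: ${line}")
        }
        children[parts[0]] << parts[1]
    }
    children
}

// Every role a holder of `role` effectively has: the role itself plus all roles below it.
// The `seen` set also keeps the walk finite if the hierarchy contains a cycle.
Set<String> reachable(String role, Map<String, Set<String>> children) {
    Set<String> seen = new LinkedHashSet<String>()
    def stack = [role]
    while (stack) {
        def r = stack.remove(stack.size() - 1)
        if (seen.add(r)) {
            stack.addAll(children.containsKey(r) ? children[r] : [])
        }
    }
    seen
}

// Constructed sample: actions and the roles named in their @Secured annotation.
def secured = [
    dashBoard  : ['ROLE_ATTENDEE'],
    manageUsers: ['ROLE_ADMIN'],   // hypothetical admin-only action
]

def children = parseHierarchy(hierarchy)
def allRoles = new LinkedHashSet<String>()
children.each { parent, kids -> allRoles << parent; allRoles.addAll(kids) }

// For each action, list every role whose effective roles include a required one.
secured.each { action, required ->
    def allowed = allRoles.findAll { role -> reachable(role, children).any { it in required } }
    println "${action}: ${allowed.join(', ')}"
}
```

Running it lists all three roles for dashBoard and only the two admin roles for manageUsers: access flows down the hierarchy, never up.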

Hope it helps. :)

Thanks & Regards,
Robin Sharma.
robin@intelligrape.com
