{"id":5447,"date":"2012-05-03T14:25:42","date_gmt":"2012-05-03T08:55:42","guid":{"rendered":"http:\/\/www.tothenew.com\/blog\/?p=5447"},"modified":"2016-12-19T14:36:46","modified_gmt":"2016-12-19T09:06:46","slug":"restricting-access-to-plugins-classes-with-spring-security","status":"publish","type":"post","link":"https:\/\/www.tothenew.com\/blog\/restricting-access-to-plugins-classes-with-spring-security\/","title":{"rendered":"Restricting Access To Plugin’s Classes With Spring Security"},"content":{"rendered":"

Many of Grails plugin like searchable \u00a0and console can prove to be really dangerous if access to their URLs is not blocked. After adding searchable plugin to my project, I realized that access to its controllers was not defined and was open for all. Now this was a major security concern. There are many ways of restricting access like doing it manually in filters. But since I am using spring security plugin, there was a better way out. It allows to create mapping (static rules) as configuration for different user roles.<\/p>\n

There are different ways of securing url in spring security plugin. And since I am using annotations, I’ll be defining static rule for annotations only.<\/p>\n

[java]<\/p>\n

grails.plugins.springsecurity.controllerAnnotations.staticRules = [<\/p>\n

‘\/console\/**’: [‘ROLE_ADMIN’],<\/p>\n

‘\/searchable\/**’: [‘ROLE_ADMIN’]<\/p>\n

]<\/p>\n

[\/java]<\/p>\n

By doing this I blocked access for all but ones with the role “ROLE_ADMIN” \u00a0for console and searchable controllers.<\/p>\n

_________________________________<\/div>\n
Hitesh Bhatia
\nMail,LinkedIn,Facebook<\/a>,Twitter<\/a>
\n_________________________________<\/div>\n","protected":false},"excerpt":{"rendered":"

Many of Grails plugin like searchable \u00a0and console can prove to be really dangerous if access to their URLs is not blocked. After adding searchable plugin to my project, I realized that access to its controllers was not defined and was open for all. Now this was a major security concern. There are many ways […]<\/p>\n","protected":false},"author":16,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0},"categories":[7],"tags":[350,813,812,326,672,811],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/5447"}],"collection":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/comments?post=5447"}],"version-history":[{"count":0,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/5447\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/media?parent=5447"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/categories?post=5447"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/tags?post=5447"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}