How to convert spring security configuration from .groovy application to application.yml

Question

How to convert spring security configuration from .groovy application to application.yml

Hello everyone I need to convert this configuration from application.groovy to application.yml

grails.plugin.springsecurity.controllerAnnotations.staticRules = 
[   '/':            ['permitAll'],  
'/error':           ['permitAll'],  
'/index':           ['permitAll'],  
'/index.gsp':       ['permitAll'],  
'/shutdown':        ['permitAll'],  
'/assets/**':       ['permitAll'],  
'/**/js/**':        ['permitAll'],  
'/**/css/**':       ['permitAll'],  
'/**/images/**':    ['permitAll'],  
'/**/favicon.ico':  ['permitAll'] ]

For example, grails.plugin.springsecurity.apf.postOnly = false appears as

grails:
    plugin:
        springsecurity:
            apf:
                postOnly: false

+4

spring-security grails

Ahmad Umar Sep 7 '15 at 13:02

source share

2 answers

Rickygo · Answer 1 · 2015-09-07T13:52:58+0000

Try the following:

grails:
    plugin:
        springsecurity:
            controllerAnnotations:
                staticRules:
                    '/':                permitAll
                    '/error':           permitAll
                    '/index':           permitAll
                    '/index.gsp':       permitAll
                    '/shutdown':        permitAll
                    '/assets/**':       permitAll
                    '/**/js/**':        permitAll
                    '/**/css/**':       permitAll
                    '/**/images/**':    permitAll
                    '/**/favicon.ico':  permitAll

This works for me. YAML specification taken from YAML official website

Mike houston · Answer 2 · 2015-12-31T20:56:04+0000

This slightly changed version 3.0.1 of the Spring Security plugin for Grails 3.X. The YML format for version 3.0.1 with annotation protection is as follows:

# Added for the Spring Security Core plugin:
---
grails:
  plugin:
    springsecurity :
      userLookup.userDomainClassName: 'org....User'
      userLookup.authorityJoinClassName: 'org....UserRole'
      authority.className: 'org....Role'
      adh.errorPage: '/user/denied'
      controllerAnnotations.staticRules:
        - pattern: '/'
          access: ['permitAll']
        - pattern: '/index'
          access: ['permitAll']
        - pattern: '/index.gsp'
          access: ['permitAll']
        - pattern: '/error'
          access: ['permitAll']
        - pattern: '/user/denied'
          access: ['permitAll']
        - pattern: '/assets/**'
          access: ['permitAll']
        - pattern: '/**/js/**'
          access: ['permitAll']
        - pattern: '/**/css/**'
          access: ['permitAll']
        - pattern: '/**/images/**'
          access: ['permitAll']
        - pattern: '/**/favicon.ico'
          access: ['permitAll']

How to convert spring security configuration from .groovy application to application.yml

More articles: