What are my security options for Spring Security Interface?

Question

What are my security options for Spring Security Interface?

I use defaultConfigType by default, which is configured to use annotations.
What are my security options for Spring Security UI Controllers?

Do I need to use s2ui override on all controllers to protect them through subclasses?
Updating Spring's UI Security Plugin and adding @Secured (['ROLE_ADMIN']) on controllers?
Or is there an easier way?

Can I mix access control mechanisms (w760) (for example: annotations and static URLs).

+3

grails groovy grails-plugin

Fabien barbier Dec 08 '10 at 0:08

source share

1 answer

Burt beckwith · Accepted Answer · 2010-12-08T01:55:13+0000

Use grails.plugins.springsecurity.controllerAnnotations.staticRulesinstead of editing or overriding controllers to add security. This is usually used for static resources such as javascript, but it is good for controllers that you cannot (or should not) edit.

You can also switch to one of the other two mechanisms (database query templates or a static map in Config.groovy), but I prefer annotations as they store security information along with the affected code.

What are my security options for Spring Security Interface?

More articles: