Accessing specific controller in grails shiro plugin

StackOverflow https://stackoverflow.com/questions/20612498

  •  02-09-2022
  •  | 
  •  

سؤال

I have a grails application in which I am using shiro plugin to add security. I do not give access to any of the urls without login to any user. All goes fine. Now I want to find whether there is any way to allow access to some of the urls without login ? Some links should be working without login.

هل كانت مفيدة؟

المحلول

that's easy. If you've a standard shiro setup, you'll find a ShiroSecurityFilters.groovy in your projects conf-folder which looks something like this:

class SecurityFilters {
  def filters = {
    all(uri: "/**") {
      before = {
        // Ignore direct views (e.g. the default main index page).
        if (!controllerName) return true
        // Access control by convention. 
        accessControl() 
      } 
    } 
  } 
}

just replace it with something like this:

class SecurityFilters {
  def filters = {
    all(uri: "/**") {
      before = {
        // Ignore direct views (e.g. the default main index page).
        if (!controllerName) return true
        // Access control by convention. 
        if ((controllerName+':'+actionName) in ['book:view', 'book:list']) {
          return true
        } else {
          accessControl() 
        }
      } 
    } 
  } 
}

This will make the two actions list and view of the bookController accessible to everyone.

Hope that helps...

مرخصة بموجب: CC-BY-SA مع الإسناد
لا تنتمي إلى StackOverflow
scroll top