https://stackoverflow.com/questions/23455133
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianI will assume you haven't already read the documentation as it explains how to do this. Typically you will want to allow access to more than just the "login" controller as well. I will include that here so that you don't run into problems with other resources not being available.
The documentation shows you a snippet of code that sets up the basic security when using "Requestmap" (e.g. Database). Typically this code will be run in Bootstrap.groovy. Let's get that out of the way first.
for (String url in [
'/', '/index', '/index.gsp', '/**/favicon.ico',
'/**/js/**', '/**/css/**', '/**/images/**',
'/login', '/login.*', '/login/*',
'/logout', '/logout.*', '/logout/*']) {
new Requestmap(url: url, configAttribute: 'permitAll').save()
}
The above code will allow full access to the listed resources.
Now, moving on to your specific question. The pattern /** will match everything not already defined above. You also stated you want it to require IS_AUTHENTICATED_FULLY so it will look something like this:
new Requestmap(url: '/**', configAttribute: 'IS_AUTHENTICATED_FULLY').save()
Keep in mind that order of these rules is important. Spring security will pick the first matching rule and apply it.
