Question
I have controller method, Which returns json data and does not have security check logic.
https://stackoverflow.com/questions/18827054
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russiandef getJsonData(){
// return json
}
I am doing ajax request from a php page from another server(cross domain).
$.ajax({
type: "GET",
url: "http://localhost:8080/training/getJsonData",
data: { ListID: '1'},
dataType: "jsonp",
success: function(data) {
alert('Hi'+data);
$("#success").html(data);
}
});
Data is not coming from the server, It only works when the user is logged in to the app server. How to serve these requests without checking for login in grails.
Solution
Add IS_AUTHENTICATED_ANONYMOUSLY above your grails action, like
@Secured('IS_AUTHENTICATED_ANONYMOUSLY')
def getJsonData() {
....
}
EDIT...................................................................................
OK then may be you are using url mapping in config file(Simple Map in Config.groovy). Change there like
grails.plugins.springsecurity.interceptUrlMap = [
...
'/training/getJsonData/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
...
]
OTHER TIPS
That depends on how your application is configured with Spring Security.
If you are using the default configuration:
grails.plugins.springsecurity.securityConfigType = "Annotation"
You can either annotate the method for the action getJsonData with @Secured('IS_AUTHENTICATED_ANONYMOUSLY') or put a configuration in Config.groovy:
grails.plugins.springsecurity.controllerAnnotations.staticRules = [
'/training/getJsonData/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
]
Otherwise, if you are using the InterceptUrlMap:
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
You should configure an entry in your interceptUrlMap like this
grails.plugins.springsecurity.interceptUrlMap = [
'/training/getJsonData/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
// ...
]
Check out the appropriated section in the Spring Security plugin documentation.
Also, beware of using methods named getFoo in the controllers, they are called when the controller is created -- this is documented in the Gotchas page at Grails wiki. You should probably rename your method to avoid any problems.
