That depends on how your application is configured with Spring Security.
If you are using the default configuration:
grails.plugins.springsecurity.securityConfigType = "Annotation"
You can either annotate the method for the action getJsonData
with @Secured('IS_AUTHENTICATED_ANONYMOUSLY')
or put a configuration in Config.groovy:
grails.plugins.springsecurity.controllerAnnotations.staticRules = [
'/training/getJsonData/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
]
Otherwise, if you are using the InterceptUrlMap:
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
You should configure an entry in your interceptUrlMap like this
grails.plugins.springsecurity.interceptUrlMap = [
'/training/getJsonData/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
// ...
]
Check out the appropriated section in the Spring Security plugin documentation.
Also, beware of using methods named getFoo
in the controllers, they are called when the controller is created -- this is documented in the Gotchas page at Grails wiki. You should probably rename your method to avoid any problems.