Securing a Grails web-app using Spring Acegi Security

There’s no mention of Security on the Grails website, however, since the framework and the generated applications are using Spring under the covers, I wondered if you could use the Acegi Security System to secure URLs.

From some experiementing with the supplied beans, and adding filters to the web.xml and bean defs in the applicationContext.xml file, this is possible, exactly the same as for any other web application.

This is awesome as it allows you to add role-based URL security to URLs in your web app, and to protect access to certain parts of the application, perhaps ‘edit’ and ‘create’ controllers so that unauthenticated users can just have access to the view parts of the application.

See my notes here for the configuration.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.