I am using spring security plugin in my Grails project. In order to secure the URLs, I am using interceptUrlMap
.
My User and Role classes are User.groovy
and Role.groovy
respectively. Based on these classes, the s2-quickstart
script has generated the UserController.groovy
and RoleController.groovy
The problem arises when I want to secure UserController.groovy
. My requirement is that I cannot permit all users to create a new user. Therefore certain actions of the UserController
need to be blocked for users with the proper role privileges.
However no matter how I try to restrict access, I see that all the actions of UserController
are always accessible.
Could anyone please explain where I am going wrong. Any help is highly appreciated.
I have managed to solve the issue. The problem was that I was editing Config.groovy while the application was still running. Hot deployment was not taking place.
Once I restarted the application, the functionality started working.
Thanks for all the help.