source: trunk/grails-app/conf/SecurityConfig.groovy @ 146

Last change on this file since 146 was 145, checked in by gav, 15 years ago

Minor bootstrap change, adjust security to accept all /plugin/ urls.
Tested every dateChooser under the sun only to come back to RichUI, only needs to support "EEE, dd-MMM-yyyy" format and have dropdowns for year and month and it would be perfect.
Placed a dateChooser on Task Create view.

File size: 3.4 KB
Line 
1security {
2
3    def authenticateService
4
5        // see DefaultSecurityConfig.groovy for all settable/overridable properties
6
7        active = true
8
9        loginUserDomainClass = "Person"
10    userName = 'loginName'
11    password = 'password'
12    enabled = 'isActive'
13
14        authorityDomainClass = "Authority"
15
16    //Required if we want to run "grails generate-manager"
17    //Which recreates the controller and views, so save the views!
18//     requestMapClass = 'Requestmap'
19
20    useRequestMapDomainClass = false
21    useControllerAnnotations = true
22
23    //Set true especially if used across the internet.
24    forceHttps = 'false'
25
26    //Pessimistic locking, deny access to all URLs that don't
27    //have an applicable URL-Role configuration.
28    //This forces us to set an annotation, static rule or
29    //extend BaseController and prevents accidentally leaving pages open.
30    controllerAnnotationsRejectIfNoRule = true
31   
32    //Static rules for controllers, actions and urls.
33    //Since we are using pessimistic locking we have to set some things
34    //here but most security should be set in the controllers.
35    controllerAnnotationStaticRules = [
36    '/': ['IS_AUTHENTICATED_FULLY'],
37    '/index.gsp': ['IS_AUTHENTICATED_FULLY'],
38    '/css/*': ['IS_AUTHENTICATED_ANONYMOUSLY'],
39    '/images/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
40    '/js/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
41     '/plugins/**': ['IS_AUTHENTICATED_FULLY'],
42//     '/plugins/help-balloons-1.2/**': ['IS_AUTHENTICATED_FULLY'],
43//     '/plugins/richui-0.6/**': ['IS_AUTHENTICATED_FULLY'],
44//     '/plugins/navigation-1.1/**': ['IS_AUTHENTICATED_FULLY'],
45//     '/plugins/filterpane-0.6.2/**': ['IS_AUTHENTICATED_FULLY'],
46//     '/plugins/calendar-1.2.0-SNAPSHOT2/**': ['IS_AUTHENTICATED_FULLY'],
47//
48//     '/plugins/class-diagram-0.3/**': ['IS_AUTHENTICATED_FULLY'],
49//     '/classDiagram*': ['IS_AUTHENTICATED_FULLY'],
50//     '/classDiagram/**': ['IS_AUTHENTICATED_FULLY'],
51    '/login*': ['IS_AUTHENTICATED_ANONYMOUSLY'],
52    '/login/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
53    '/logout*': ['IS_AUTHENTICATED_FULLY'],
54    '/logout/**': ['IS_AUTHENTICATED_FULLY']
55    ]
56
57    //We always want to go to the home page so that bookmarks are not used.
58    defaultTargetUrl = '/appCore/welcome'
59    alwaysUseDefaultTargetUrl = true
60
61    //User caching, turned this off so that password changes take effect.
62    //It would appear that user is still in the session as logout/login
63    // is still required for role changes to take effect.
64    //If this option causes high database load try:
65    //  import org.acegisecurity.providers.dao.DaoAuthenticationProvider
66    //  import org.acegisecurity.context.SecurityContextHolder
67    //  DaoAuthenticationProvider daoAuthenticationProvider
68    //  def user = SecurityContextHolder.context.authentication.principal.username
69    //  daoAuthenticationProvider.userCache.removeUserFromCache(user)
70    //  in logout controller and perhaps on password change and role change.
71    cacheUsers = false
72
73//    //List for and events and run the closure(s) that follow.
74//    //Unfortunately the session is not available yet so many things can't be done here, us an defaultTargetUrl and controller.
75//    useSecurityEventListener = true
76//
77//    onAuthenticationSuccessEvent = { e, appCtx ->
78//        def p = e.source.principal
79//        def personInstance = Person.findByLoginName(p.username)
80//        println p.username
81//        println personInstance.loginName
82//        println personInstance.firstName
83//    }
84
85}
Note: See TracBrowser for help on using the repository browser.