Ignore:
Timestamp:
Oct 8, 2009, 7:58:38 PM (15 years ago)
Author:
gav
Message:

Re-install class-diagram from local svn build with patch to allow war deployment.
Class-diagram overrides removed from Config.groovy since these have all been included upstream.
Tidy comments in SecurityConfig?.groovy
Some work on adding assignedPerson work flow and PersonController?.
Add navAlt and filterPane search to Person and TaskProcedure?.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/grails-app/conf/SecurityConfig.groovy

    r145 r147  
    33    def authenticateService
    44
    5         // see DefaultSecurityConfig.groovy for all settable/overridable properties
     5        // See DefaultSecurityConfig.groovy for all settable/overridable properties
    66
    77        active = true
     
    1414        authorityDomainClass = "Authority"
    1515
    16     //Required if we want to run "grails generate-manager"
    17     //Which recreates the controller and views, so save the views!
     16    // Required if we want to run "grails generate-manager"
     17    // Which recreates the controller and views, so save the views!
    1818//     requestMapClass = 'Requestmap'
    1919
     20    // The whole application relies on controllerAnnotations and the static rules bellow.
    2021    useRequestMapDomainClass = false
    2122    useControllerAnnotations = true
    2223
    23     //Set true especially if used across the internet.
     24    // Set true especially if used across the internet.
    2425    forceHttps = 'false'
    2526
    26     //Pessimistic locking, deny access to all URLs that don't
    27     //have an applicable URL-Role configuration.
    28     //This forces us to set an annotation, static rule or
    29     //extend BaseController and prevents accidentally leaving pages open.
     27    // Pessimistic locking, deny access to all URLs that don't
     28    // have an applicable URL-Role configuration.
     29    // This forces us to set an annotation, static rule or
     30    // extend BaseController and prevents accidentally leaving pages open.
    3031    controllerAnnotationsRejectIfNoRule = true
    31    
    32     //Static rules for controllers, actions and urls.
    33     //Since we are using pessimistic locking we have to set some things
    34     //here but most security should be set in the controllers.
     32
     33    // Static rules for controllers, actions and urls.
     34    // Since we are using pessimistic locking we have to set some things
     35    // here but most security should be set in the controllers.
    3536    controllerAnnotationStaticRules = [
    3637    '/': ['IS_AUTHENTICATED_FULLY'],
     
    3940    '/images/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
    4041    '/js/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
    41      '/plugins/**': ['IS_AUTHENTICATED_FULLY'],
    42 //     '/plugins/help-balloons-1.2/**': ['IS_AUTHENTICATED_FULLY'],
    43 //     '/plugins/richui-0.6/**': ['IS_AUTHENTICATED_FULLY'],
    44 //     '/plugins/navigation-1.1/**': ['IS_AUTHENTICATED_FULLY'],
    45 //     '/plugins/filterpane-0.6.2/**': ['IS_AUTHENTICATED_FULLY'],
    46 //     '/plugins/calendar-1.2.0-SNAPSHOT2/**': ['IS_AUTHENTICATED_FULLY'],
    47 //
    48 //     '/plugins/class-diagram-0.3/**': ['IS_AUTHENTICATED_FULLY'],
    49 //     '/classDiagram*': ['IS_AUTHENTICATED_FULLY'],
    50 //     '/classDiagram/**': ['IS_AUTHENTICATED_FULLY'],
     42    '/plugins/**': ['IS_AUTHENTICATED_FULLY'],
     43    '/classDiagram*': ['IS_AUTHENTICATED_FULLY'],
     44    '/classDiagram/**': ['IS_AUTHENTICATED_FULLY'],
    5145    '/login*': ['IS_AUTHENTICATED_ANONYMOUSLY'],
    5246    '/login/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
     
    5549    ]
    5650
    57     //We always want to go to the home page so that bookmarks are not used.
     51    // Always call the welcome action so that bookmarks are not used, a
     52    // welcome message can be populated and the sessionTimeout can be set.
    5853    defaultTargetUrl = '/appCore/welcome'
    5954    alwaysUseDefaultTargetUrl = true
    6055
    61     //User caching, turned this off so that password changes take effect.
    62     //It would appear that user is still in the session as logout/login
     56    // User caching, turned this off so that password changes take effect.
     57    // It would appear that user is still in the session as logout/login
    6358    // is still required for role changes to take effect.
    64     //If this option causes high database load try:
     59    // If this option causes high database load try:
    6560    //  import org.acegisecurity.providers.dao.DaoAuthenticationProvider
    6661    //  import org.acegisecurity.context.SecurityContextHolder
     
    7166    cacheUsers = false
    7267
    73 //    //List for and events and run the closure(s) that follow.
    74 //    //Unfortunately the session is not available yet so many things can't be done here, us an defaultTargetUrl and controller.
     68//    // Listen for events and run the closure(s) that follow.
     69//    // Unfortunately the session is not available yet so many things can't be done here, use a defaultTargetUrl and controller.
    7570//    useSecurityEventListener = true
    7671//
Note: See TracChangeset for help on using the changeset viewer.