Spring Security - How to lock down a specific URL

For example, here is my action:

class MyController {

}

It works if I give users with a specific role access to all actions on this controller like this:

new RequestMap(url: "/admin/my/**", configAttribute: "ROLE")

But it doesn't allow access if I do this:

new RequestMap(url: "/admin/my/searchAvailableModelNamesAjax", configAttribute: "ROLE")

All help is appreciated.

Thanks!

Dean Del Ponte

On July 18, 2012 at 11:05 AM Dean Del Ponte <[hidden email]> wrote:

> I have a specific controller action which is accessed via AJAX and I would
> like make it available to users of a certain role.
>
> For example, here is my action:
>
> class MyController {
>
> public def searchAvailableModelNamesAjax(String term) {
>         // Do really cool stuff
>         // Render really cool stuff
>         render "[]"
> }
>
> }
>
> It works if I give users with a specific role access to all actions on this
> controller like this:
> new RequestMap(url: "/admin/my/**", configAttribute: "ROLE")
>
> But it doesn't allow access if I do this:
> new RequestMap(url: "/admin/my/searchAvailableModelNamesAjax",
> configAttribute: "ROLE")
>
> All help is appreciated.
>
> Thanks!
>
> Dean Del Ponte

new RequestMap(url: "/admin/my/searchAvailableModelNamesAjax*", configAttribute: "ROLE") 

or 

new RequestMap(url: "/admin/my/searchAvailableModelNamesAjax**", configAttribute: "ROLE")  

?