Quantcast
Grails Grails - user

Spring security return 401

classic Classic list List threaded Threaded
3 messages Options
Andréas Kühne
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Spring security return 401

Andréas Kühne
Hi all,

Is it possible to programmatically send a 403 or a 401 to the spring security plugin? What I would like to do is check if the user is able to edit itself or a member of certain roles and return a 403 if the user does not have the correct permission. This means that I can't use the @Secured annotation. If I just use response.sendError, I get a tomcat 401 or 403 page, which is not very stylish. I would like to get the same kind of redirects the @Secured annotation does.

--
Regards,

Andréas

Upplandsgatan 93 . 113 44 . Stockholm . Sweden
[hidden email]
bobbywarner
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: Spring security return 401

bobbywarner
You could do this with a beforeInterceptor:

http://grails.org/doc/latest/guide/theWebLayer.html#interceptors

I did something similar awhile ago.  I did not send a 403, but simply redirected to another page if they weren't authorized.  You could just as easy send 403 though if you wanted.

http://www.bobbywarner.com/2011/04/11/custom-security-checks-in-grails/

Or if you want a more complete solution, you could use the SS ACL plugin:

http://grails.org/plugin/spring-security-acl


Hope that helps!
Bobby
Andréas Kühne
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: Spring security return 401

Andréas Kühne
Hi Bobby,

Thanks for the answer. I will check out both of your suggestions!

/ Andréas

2012/8/13 bobbywarner <[hidden email]>
You could do this with a beforeInterceptor:

http://grails.org/doc/latest/guide/theWebLayer.html#interceptors

I did something similar awhile ago.  I did not send a 403, but simply
redirected to another page if they weren't authorized.  You could just as
easy send 403 though if you wanted.

http://www.bobbywarner.com/2011/04/11/custom-security-checks-in-grails/

Or if you want a more complete solution, you could use the SS ACL plugin:

http://grails.org/plugin/spring-security-acl


Hope that helps!
Bobby



--
View this message in context: http://grails.1312388.n4.nabble.com/Spring-security-return-401-tp4633135p4633136.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email





--
vänliga hälsningar,

Andréas

Upplandsgatan 93 . 113 44 . Stockholm
Mobil 076 543 8825
[hidden email]
Loading...
Powered by Nabble Edit this page