Right now, I'm using the grails spring security plugin with the following configuration:
grails.plugins.springsecurity.useBasicAuth = true
grails.plugins.springsecurity.basic.realmName = "MyApp"
This works great for basic auth, but I also need to allow and manage authentication through a separate service that relies on cookies. How can I hook into the spring security plugin to also allow for custom service endpoint authentication or basic authentication?
The Grails Spring Security Core documentation gives an example of doing exactly what you want: http://grails-plugins.github.io/grails-spring-security-core/docs/manual/guide/9%20Authentication.html#9.1%20Basic%20and%20Digest%20Authentication
grails.plugins.springsecurity.filterChain.chainMap = [
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter',
'/**': 'JOINED_FILTERS,-basicAuthenticationFilter,-basicExceptionTranslationFilter'
]
This essentially leaves the basic auth in place on an API endpoint, while keeping the traditional auth in place for everything else.