I'm using spring security 1.2.7.3, and I want to secure URLs with http method, in other words I want something like this in my config.groovy:
grails.plugins.springsecurity.interceptUrlMap = [
'/api/person/**': ['ROLE_ADMIN'], //IF HTTP "POST"
'/api/person/**': ['IS_AUTHENTICATED_ANONYMOUSLY'], //IF HTTP "GET"
}
Is it possible? I know that there are of course other ways to achieve this but I prefer to solve the problem in this way.
p.s. this question has already been asked here before.
I tested out the following and it seemed to work quite well:
grails.plugin.springsecurity.securityConfigType = SecurityConfigType.InterceptUrlMap
grails.plugin.springsecurity.interceptUrlMap = [
'/myFirst/**': ["request.getMethod().equals('GET') || hasRole('ROLE_ADMIN')"],
'/mySecond/**': ["permitAll"]
]
I based the usage of request.getMethod() on the documentation found at the link below and took a little liberty in using an || expression.
http://grails-plugins.github.io/grails-spring-security-core/guide/requestMappings.html
In your example you supplied two entries for 'api/person/**', but that unfortunately won't work because each entry would have the same key for the interceptUrlMap. Combine what you want for options with || and &&.