Skip to content
This repository was archived by the owner on Sep 10, 2024. It is now read-only.

Commit 8eaff4b

Browse files
sheehansheehan
authored
Merge pull request #73 from robertoschwald/patch-1
Update README examples to Spring-Sec-Core 3.x
2 parents f89b1f7 + 2742e62 commit 8eaff4b

File tree

1 file changed

+7
-8
lines changed

1 file changed

+7
-8
lines changed

Diff for: README.md

+7-8
Original file line numberDiff line numberDiff line change
@@ -109,26 +109,25 @@ The following configuration options are available:
109109
## Security
110110

111111
By default (as of v1.5.0) the console plugin is only enabled in the development environment. You can enable or disable it for any environment with
112-
the `grails.plugin.console.enabled` config option in Config.groovy. If the plugin is enabled in non-development environments, be sure to guard
113-
access using a security plugin like Spring Security Core or Shiro. For Grails 2.x, the paths `/console/**` and `/plugins/console*/**` should be secured. For Grails 3.x, the paths `/console/**` and `/static/console/**` should be secured.
112+
the `grails.plugin.console.enabled` config option in Config.groovy / application.groovy (Grails 3). If the plugin is enabled in non-development environments, be sure to guard access using a security plugin like Spring Security Core or Shiro. For Grails 2.x, the paths `/console/**` and `/plugins/console*/**` should be secured. For Grails 3.x, the paths `/console/**` and `/static/console/**` should be secured.
114113

115114
Spring Security Core example:
116115

117116
```groovy
118117
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
119-
"/console/**": ['ROLE_ADMIN'],
120-
"/plugins/console*/**": ['ROLE_ADMIN'], // Grails 2.x
121-
"/static/console/**": ['ROLE_ADMIN'], // Grails 3.x
118+
[pattern:"/console/**", access:['ROLE_ADMIN']],
119+
[pattern:"/plugins/console*/**", access:['ROLE_ADMIN'], // Grails 2.x
120+
[pattern:"/static/console/**", access:['ROLE_ADMIN']], // Grails 3.x
122121
]
123122
```
124123

125124
Another example restricting access to localhost IPs:
126125

127126
```groovy
128127
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
129-
"/console/**": ["hasRole('ROLE_ADMIN') && (hasIpAddress('127.0.0.1') || hasIpAddress('::1'))"],
130-
"/plugins/console*/**": ["hasRole('ROLE_ADMIN') && (hasIpAddress('127.0.0.1') || hasIpAddress('::1'))"], // Grails 2.x
131-
"/static/console/**": ["hasRole('ROLE_ADMIN') && (hasIpAddress('127.0.0.1') || hasIpAddress('::1'))"], // Grails 3.x
128+
[pattern:"/console/**", access:["hasRole('ROLE_ADMIN') && (hasIpAddress('127.0.0.1') || hasIpAddress('::1'))"]],
129+
[pattern:"/plugins/console*/**", access:["hasRole('ROLE_ADMIN') && (hasIpAddress('127.0.0.1') || hasIpAddress('::1'))"]], // Grails 2.x
130+
[pattern:"/static/console/**", access:["hasRole('ROLE_ADMIN') && (hasIpAddress('127.0.0.1') || hasIpAddress('::1'))"]], // Grails 3.x
132131
]
133132
```
134133

0 commit comments

Comments
 (0)