I'm developing a web application using Grails and I'm trying to implement authentication via spring security plugin. Java.lang.IllegalArgumentException: interceptUrlMap defined as a Map is not supported;
Ihaveaddedthegradledependency:
compile"org.grails.plugins:spring-security-core:3.2.2"
I created the domain classes for authentication: User:
package comum
class User {
transient springSecurityService
String username
String password
boolean enabled = true
boolean accountExpired
boolean accountLocked
boolean passwordExpired
static transients = ['springSecurityService']
static constraints = {
username blank: false, unique: true
password blank: false
}
static mapping = {
password column: ''password''
}
Set<Permissao> getAuthorities() {
UsuarioPermissao.findAllByUsuario(this).collect { it.permissao }
}
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService?.passwordEncoder ? springSecurityService.encodePassword(password) : password
}
}
Permission:
package comum
class Permission {
String authority
static mapping = {
cache true
}
static constraints = {
authority blank: false, unique: true
}
}
UserPermission:
import org.apache.commons.lang.builder.HashCodeBuilder
class UsuarioPermissao implements Serializable {
private static final long serialVersionUID = 1
Usuario usuario
Permissao permissao
boolean equals(other) {
if (!(other instanceof UsuarioPermissao)) {
return false
}
other.usuario?.id == usuario?.id &&
other.permissao?.id == permissao?.id
}
int hashCode() {
def builder = new HashCodeBuilder()
if (usuario) builder.append(usuario.id)
if (permissao) builder.append(permissao.id)
builder.toHashCode()
}
static UsuarioPermissao get(long usuarioId, long permissaoId) {
UsuarioPermissao.where {
usuario == Usuario.load(usuarioId) &&
permissao == Permissao.load(permissaoId)
}.get()
}
static boolean exists(long usuarioId, long permissaoId) {
UsuarioPermissao.where {
usuario == Usuario.load(usuarioId) &&
permissao == Permissao.load(permissaoId)
}.count() > 0
}
static UsuarioPermissao create(Usuario usuario, Permissao permissao, boolean flush = false) {
def instance = new UsuarioPermissao(usuario: usuario, permissao: permissao)
instance.save(flush: flush, insert: true)
instance
}
static boolean remove(Usuario u, Permissao r, boolean flush = false) {
if (u == null || r == null) return false
int rowCount = UsuarioPermissao.where {
usuario == Usuario.load(u.id) &&
permissao == Permissao.load(r.id)
}.deleteAll()
if (flush) { UsuarioPermissao.withSession { it.flush() } }
rowCount > 0
}
static void removeAll(Usuario u, boolean flush = false) {
if (u == null) return
UsuarioPermissao.where {
usuario == Usuario.load(u.id)
}.deleteAll()
if (flush) { UsuarioPermissao.withSession { it.flush() } }
}
static void removeAll(Permissao r, boolean flush = false) {
if (r == null) return
UsuarioPermissao.where {
permissao == Permissao.load(r.id)
}.deleteAll()
if (flush) { UsuarioPermissao.withSession { it.flush() } }
}
static constraints = {
permissao validator: { Permissao r, UsuarioPermissao ur ->
if (ur.usuario == null) return
boolean existing = false
UsuarioPermissao.withNewSession {
existing = UsuarioPermissao.exists(ur.usuario.id, r.id)
}
if (existing) {
return 'userRole.exists'
}
}
}
static mapping = {
id composite: ['permissao', 'usuario']
version false
permissao lazy:false
}
}
The bootstrap.groovy:
package convictus
import com.bigboss.Cliente
import com.bigboss.Prateleira
import com.bigboss.Produto
import comum.Permissao;
import comum.Usuario;
import comum.UsuarioPermissao;
class BootStrap {
def init = { servletContext ->
Permissao admin = Permissao.findByAuthority("ROLE_ADMIN")
if (admin == null){
admin = new Permissao(authority: "ROLE_ADMIN").save(flush:true)
}
Permissao vendedor = Permissao.findByAuthority("ROLE_VENDEDOR")
if (vendedor == null){
vendedor = new Permissao(authority: "ROLE_VENDEDOR").save(flush:true)
}
Usuario administrador = Usuario.findByUsername("administrador")
if (administrador == null){
administrador = new Usuario(username: "administrador", password: "123", email: "[email protected]",
enabled: true, accountExpired: false, accountLocked: false,
passwordExpired: false).save(flush:true)
}
Usuario vend = Usuario.findByUsername("Diego")
if (vend == null){
vend = new Usuario(username: "Diego", password: "12345", email: "[email protected]",
enabled: true, accountExpired: false, accountLocked: false,
passwordExpired: false).save(flush:true)
}
Usuario vend2 = Usuario.findByUsername("Anderson")
if (vend2 == null){
vend2 = new Usuario(username: "Anderson", password: "12345", email: "[email protected]",
enabled: true, accountExpired: false, accountLocked: false,
passwordExpired: false).save(flush:true)
}
if (UsuarioPermissao.findByUsuarioAndPermissao(administrador,admin) == null)
{
new UsuarioPermissao(usuario: administrador, permissao: admin).save(flush:true)
}
if (UsuarioPermissao.findByUsuarioAndPermissao(vend,vendedor) == null)
{
new UsuarioPermissao(usuario: vend, permissao: vendedor).save(flush:true)
new UsuarioPermissao(usuario: vend2, permissao: vendedor).save(flush:true)
}
}
def destroy = {
}
}
And the access configuration:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'comum.Usuario'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'comum.UsuarioPermissao'
grails.plugin.springsecurity.authority.className = 'comum.Permissao'
grails.plugin.springsecurity.auth.loginFormUrl = '/areaRestrita/logar'
grails.plugin.springsecurity.logout.afterLogoutUrl = '/areaRestrita/logout'
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/areaRestrita/admin'
grails.plugin.springsecurity.failureHandler.defaultFailureUrl = '/areaRestrita/erro'
grails.plugin.springsecurity.successHandler.alwaysUseDefault = false
grails.plugin.springsecurity.dao.hideUserNotFoundExceptions = false
grails.plugin.springsecurity.adh.errorPage="/j_spring_security_logout"
grails.plugin.springsecurity.password.algorithm = 'SHA-256'
grails.plugin.springsecurity.securityConfigType = SecurityConfigType.InterceptUrlMap
grails.plugin.springsecurity.interceptUrlMap = [
"/ login": ["IS_AUTHENTICATED_ANONYMOUSLY"], "/ **": ["ROLE_ADMIN"] ]
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']]
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none'],
[pattern: '/**', filters: 'JOINED_FILTERS']
]