Grails 2.4.4 spring security role doesn't apply to user

284 views Asked by At

I have controller:

class AdminController {

    def springSecurityService

    @Secured(['ROLE_ADMIN', 'ROLE_USER'])
    def index() {
        render "test";
    }

And user with role ROLE_ADMIN in the table: enter image description here

But, when I use: springSecurityService.getPrincipal().getAuthorities() There is only one role: ROLE_NO_ROLES

Why?

def loggedInUser = springSecurityService.currentUser; returns correct user.

Config: ...

grails.plugin.springsecurity.userLookup.userDomainClassName = '...'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = '...'
grails.plugin.springsecurity.authority.className = '...'
grails.plugin.springsecurity.authority.groupAuthorityNameField = 'authorities'
grails.plugin.springsecurity.useRoleGroups = true
grails.plugin.springsecurity.securityConfigType = "Annotation"

Thank you.

1

There are 1 answers

0
YAT On BEST ANSWER

The spring Security has an default UserDetailsService, which assigned the Roles to an User.

You could debug it to see what going wrong.

Or You create your own: https://grails-plugins.github.io/grails-spring-security-core/guide/userDetailsService.html

HTH