I have controller:
class AdminController {
def springSecurityService
@Secured(['ROLE_ADMIN', 'ROLE_USER'])
def index() {
render "test";
}
And user with role ROLE_ADMIN in the table:
But, when I use: springSecurityService.getPrincipal().getAuthorities() There is only one role: ROLE_NO_ROLES
Why?
def loggedInUser = springSecurityService.currentUser; returns correct user.
Config: ...
grails.plugin.springsecurity.userLookup.userDomainClassName = '...'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = '...'
grails.plugin.springsecurity.authority.className = '...'
grails.plugin.springsecurity.authority.groupAuthorityNameField = 'authorities'
grails.plugin.springsecurity.useRoleGroups = true
grails.plugin.springsecurity.securityConfigType = "Annotation"
Thank you.
The spring Security has an default UserDetailsService, which assigned the Roles to an User.
You could debug it to see what going wrong.
Or You create your own: https://grails-plugins.github.io/grails-spring-security-core/guide/userDetailsService.html
HTH