Home/ Questions/Q 207285
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-11T17:43:19+00:00

I’m trying to build a control logic that depends on the current gsp page

  • 0

I’m trying to build a control logic that depends on the current gsp page to call an action, is there a tag or a session method that i can use to identify the current gsp page

I want to restrict access to all GSPs except singup and login, so if a user open any other gsp he will be redirected to signup page and he will also be able to navigate to the login page.

The logic i am trying to implement is like this if current_Page is login.gsp or singup.gsp then do nothing else redirect to signup //where user can navigate to login page with no problems too

And i want to add this logic in the main layout so it gets implemented across all the application domain.

I’m wondering if there is an alternative way of doing this using RequestmapController or UrlMappings?

Anyone with experience in springMVC will be able to help as Grails is built on top SpringMVC, which in turn is built on top of the standard servlet framework!

Note: I’m using Acegi Plugin

Remark: How can the application be SEO-friendly(i.e. Google indexing) with this type of security mechanism implemented?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Edit: Sorry, I misunderstood your question. I thought you were looking for an alternative to Requestmaps. That is why I originally suggested securing the controllers with annotations.

    If you want to use Requestmaps you could do the following:

    1. Create a new Requestmap that looks like this:
      URL pattern = /login/**
      Role = IS_AUTHENTICATED_ANONYMOUSLY

    2. To restrict access to the rest of the site create another requestmap entry which matches all the urls:
      URL pattern = /*/**
      Role = ROLE_USER (you could use any other role you like)

    IS_AUTHENTICATED_ANONYMOUSLY means that anyone can access the matched URLs.The first rule is more specific and therefore should overwrite the second and more general rule.

    You can look at AcegiSecurity Plugin – Securing URLs for more information.

    Regarding the site’s SEO. AFAIK search engines cannot access sites that need authentication. That is why sites like Experts Exchange use sly tricks to get indexed by Google.

    You could choose to give anonymous users read access while requiring a login for writing (like SO does). This would allow your site to be indexed by search engine bots.

    I hope this helps!

    • 0