I’m using Grails 2.0.3 and the latest Spring Security Plugin to secure my controllers.

Question

0

Editorial Team

Asked: June 3, 20262026-06-03T05:41:03+00:00 2026-06-03T05:41:03+00:00

I’m using Grails 2.0.3 and the latest Spring Security Plugin to secure my controllers.

0

I’m using Grails 2.0.3 and the latest Spring Security Plugin to secure my controllers.

But somehow controllers are not secured.

import grails.plugins.springsecurity.Secured

@Secured("ROLE_USER")
class SettingsController extends UtilController {
  def index(){
    render "should not run while not logged in"
  }
}

When I am and am not logged in, I see the message. If I inject springSecurityService, it shows the correct logged in status (true/false), so the annotation is just not handled.

I’ve tried to add “IS_AUTHENTICATED_FULLY” requirement and to move annotation to method, it doesn’t help.

What could it be related with?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-03T05:41:04+00:00

Editorial Team

2026-06-03T05:41:04+00:00Added an answer on June 3, 2026 at 5:41 am

@Secured annotation accept list of roles (String[]), and I guess you have a problem with converting a string to a array of strings.

Can you try with @Secured(["ROLE_USER"])?

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m using Grails 2.0.3 and the latest Spring Security Plugin to secure my controllers.

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply