Wednesday, April 06, 2011

Grails: Securing CKEditor URLs

Problem:
I am using the grails CKEditor plugin and i wanted to secure the file manager urls to be accessed only by a site admin. I am using the Spring Security Core plugin for site security, but i was already using annotations elsewhere on my site, so using a InterceptUrlMap was not an option.

So, how to keep using annotations and secure a plugin's urls?

Solution:
The trick is properly using the controllerAnnotations.staticRules (which really isnt that hard if you pay attention to the docs).
Here is the mapping that works for ANY url mapping you define to CKEditor: