3 Usage - Reference Documentation
Authors: Aaron J. Zirbes
Version: 0.9.9
3 Usage
This plugin exposes a rather large security hole in your application. It is HIGHLY recommended that you restrict access to your application to localhost when you are using this plugin, and that you only use this plugin in development mode. This can be done with the ipRestrictions configuration parameter.When this plugin is enabled, it automatically authenticates anyone using the application as a fake user with fake user roles as defined in Config.groovy.The recommended configuration settings are what follows:
development { … grails.plugins.springsecurity.mock.active = true grails.plugins.springsecurity.mock.fullName = "Your name here" grails.plugins.springsecurity.mock.email = "Your email address here" grails.plugins.springsecurity.mock.username = "your.username" grails.plugins.springsecurity.mock.roles = [ 'ROLE_USER', 'ROLE_ADMIN', 'ROLE_WHATEVERELSE' ] grails.plugins.springsecurity.ipRestrictions = [ '/**': ['127.0.0.0/8', '::1/128'] ] … }
Remember
This is a dangerous plugin. You should only enable this plugin for development use. The example above shows the configuration as being wrapped inside of the "development" closure in the Groovy.config file.In your staging and production environments, make sure to setgrails.plugins.springsecurity.mock.active = false
grails.plugins.springsecurity.ldap.active = false