Skip to content

Latest commit

 

History

History
40 lines (28 loc) · 1.78 KB

README.md

File metadata and controls

40 lines (28 loc) · 1.78 KB

Build Status Spring Security AJAX Aware

This project provides implementation of AuthenticationEntryPoint which returns status 401 FORBIDDEN for AJAX calls requesting application/json format in their Accept headers on the first place.

The primary use case is to use AngularJS and its Angular HTTP Auth module with Grails framework and its Spring Security Core Plugin.

Branches

master

Master branch is for Spring Security 4.x. Versions deployed to master will have version number 1.x.x

spring-security-web-3.x

This branch is for Spring Security 3.x. Versions deployed to spring-security-web-3.x_ will have version number 0.x.x

Usage

You need to override authenticationEntryPoint bean in your application.

For the most simple use case in Grails you can easy set it up using following snippet in /grails-app/conf/spring/resources.groovy:

import org.modelcatalogue.core.security.ajax.AjaxAwareLoginUrlAuthenticationEntryPoint

// Place your Spring DSL code here
beans = {
    authenticationEntryPoint(AjaxAwareLoginUrlAuthenticationEntryPoint) {
        loginFormUrl    = '/login/auth'
        portMapper      = ref('portMapper')
        portResolver    = ref('portResolver')
    }
}

Kudos

Inspired by http://stackoverflow.com/questions/8171256/use-spring-security-to-tell-ajax-requests-where-the-login-page-is