SpringSecurityUtils.clientRegisterFilter() and springsecurity.filterChain.chainMap..?
i'm trying to prevent spring-security processing of css/js/img files so i thought i could use the chainMap config to effect that.
so first i tried:
Code:
grails.plugins.springsecurity.filterChain.chainMap = [
'/css/**': '',
'/img/**': '',
'/js/**': '',
'/**': 'JOINED_FILTERS'
]
and got something like: no bean named '' defined.
then i created a "no-op" filter which just passes through with chain.doFilter(req, res), registered an instance of it as a bean,
and tried:
Code:
grails.plugins.springsecurity.filterChain.chainMap = [
'/css/**': 'noOpFilter',
'/img/**': 'noOpFilter',
'/js/**': 'noOpFilter',
'/**': 'JOINED_FILTERS'
]
and all files still seemed to be running through the chain.
finally i tried:
Code:
grails.plugins.springsecurity.filterChain.chainMap = [
'/css/**': 'noOpFilter',
'/img/**': 'noOpFilter',
'/js/**': 'noOpFilter',
'/**': 'noOpFilter'
]
and that didn't even work!
so on a lark i commented out a call in bootstrap that i had like:
Code:
SpringSecurityUtils.clientRegisterFilter(
'myFilter', SecurityFilterPosition.SECURITY_CONTEXT_FILTER.order + 10)
and then the chainMap config kicked in and everything started flowing through my no-op filter...!
is that as designed, or is that a bug of sorts...?
