> But HttpMethodPermissionFilter only seems to deal with permissions. > It's the authentication I'm interested in. GETs and HEADs to a > particular URL should not require authentication, but the POSTs, PUTs, > and DELETEs should. BasicHttpAuthenticationFilter can't seem to handle > this situation at the moment, but it seems trivial to add.
BTW, when do you think 1.1 will be released and could I get the above feature into it if I implement by end of weekend? If the release is soon, I can try to synchronise the next Grails plugin release with it. Thanks, Peter
