> I have read the quick start guide on the grails website and came across this
> command in the filters. Hopefully I am interpreting it correctly but even
> with auth set to false I still cannot get to a controller anonymously
>
> accessControl(auth: false)
The "auth: false" means that a remembered user is acceptable, not just
an authenticated one. It still means the user must have logged in at
some point, so it doesn't pertain to anonymous access.
> Basically same goes for just actions in a controller. How do I let anonymous
> users access just an action of a controller? From what I have been reading
> all controllers by default require authentication.
>
> Am I doing something wrong?
A controller only requires authentication if a "before" filter is
triggered for it. So the default filter created for you looks like
this:
all(uri: "/**") {
before = {
// Ignore direct views (e.g. the default main index page).
if (!controllerName) return true
// Access control by convention.
accessControl()
}
}
The key to providing anonymous access is the uri pattern used. So you
could change the above to:
secured(uri: "/secure/**") {
before = {
// Access control by convention.
accessControl()
}
}
which only protects pages under the "/secure" URI. See the Grails
documentation on filters for more information.
Cheers,
Peter
