22 Miscellaneous Properties - Reference Documentation
Authors: Burt Beckwith, Beverley Talbott
Version: 1.2.7.3
22 Miscellaneous Properties
| Property | Default Value | Meaning |
|---|---|---|
| active | true | Whether the plugin is enabled. |
| rejectIfNoRule | false | 'strict' mode where an explicit grant is required to access any resource; if true make sure to allow IS_AUTHENTICATED_ ANONYMOUSLY for '/', '/js/**', '/css/**', '/images/**', '/login/**', '/logout/**', and so on. |
| anon.key | 'foo' | anonymousProcessingFilter key. |
| anon.userAttribute | 'anonymousUser, ROLE_ANONYMOUS' | anonymousProcessingFilter username and role. |
| atr.anonymousClass | AnonymousAuthenticationToken | Anonymous token class. |
| useHttpSession EventPublisher | false | If true, an HttpSession EventPublisher will be configured. |
| cacheUsers | false | If true, logins are cached using an EhCache. See Account Locking and Forcing Password Change, under User Cache. |
| useSecurityEventListener | false | If true, configure SecurityEventListener. See Events. |
| dao.reflectionSalt SourceProperty | none | Which property to use for the reflection-based salt source. See Salted Passwords |
| dao.hideUserNot FoundExceptions | true | if true, throws a new BadCredentialsException if a username is not found or the password is incorrect, but if false re-throws the UsernameNot FoundException thrown by UserDetailsService (considered less secure than throwing BadCredentialsException for both exceptions) |
| requestCache.onlyOnGet | false | Whether to cache only a SavedRequest on GET requests. |
| requestCache.createSession | true | Whether caching SavedRequest can trigger the creation of a session. |
| authenticationDetails. authClass | WebAuthenticationDetails | The Authentication details class to use. |
| roleHierarchy | none | Hierarchical role definition. See Hierarchical Role Definition. |
| voterNames | ['authenticatedVoter', 'roleVoter'] | Bean names of voters. See Voters. |
| providerNames | ['daoAuthenticationProvider', 'anonymousAuthenticationProvider', 'rememberMeAuthenticationProvider'] | Bean names of authentication providers. See Authentication Providers. |
| securityConfigType | Type of request mapping to use | One of "Annotation", "Requestmap", or "InterceptUrlMap" (or the corresponding enum value from SecurityConfigType). See Configuring Request Mappings to Secure URLs. |
| controllerAnnotations. matcher | 'ant' | Use an Ant-style URL matcher ('ant') or Regex ('regex'). |
| controllerAnnotations. lowercase | true | Whether to do URL comparisons using lowercase. |
| controllerAnnotations. staticRules | none | Extra rules that cannot be mapped using annotations. |
| interceptUrlMap | none | Request mapping definition when using "InterceptUrlMap". See Simple Map in Config.groovy. |
| registerLoggerListener | false | If true, registers a LoggerListener that logs interceptor-related application events. |