(Quick Reference)

5 Token Validation Filter - Reference Documentation

Authors: Alvaro Sanchez-Mariscal

Version: 1.0.0

5 Token Validation Filter

The token validation filter looks for the token in a HTTP header and then tries to validate the token using the configured token storage implementation.

If the validation is successful, the UserDetails object is stored in the security context. This allows you to use in your application @Secured, springSecurityService.principal and so on.

springSecurityService.currentUser expects a grails.plugin.springsecurity.userdetails.GrailsUser to perform a DB query. However, this plugins stores in the security context a more generic org.springframework.security.core.userdetails.User because it does not assume you are using domain classes to store the users. Use springSecurityService.principal instead.

The configuration properties are:

Config keyDefault value
grails.plugin.springsecurity.rest.token.validation.headerNameX-Auth-Token