'How to return 404 for pages that do not exist when using Grails Spring Security Plugin

I'm using Grails 3.3.9 with the spring security core plugin 3.2.3 to secure a website.

The problem I have is that now users receive a 403 for pages that do not exist instead of a 404.

How can I make sure that if a page does not exist, a 404 NOT FOUND http status code is returned?


grails.plugin.springsecurity.securityConfigType = "Annotation"
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.website.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.website.UserRole'
grails.plugin.springsecurity.authority.className = 'com.website.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
  [pattern: '/',               access: ['permitAll']],
    [pattern: '/error',          access: ['permitAll']],
  [pattern: '/404',            access: ['permitAll']],
    [pattern: '/index',          access: ['permitAll']],
    [pattern: '/index.gsp',      access: ['permitAll']],
    [pattern: '/shutdown',       access: ['permitAll']],
    [pattern: '/assets/**',      access: ['permitAll']],
    [pattern: '/**/js/**',       access: ['permitAll']],
    [pattern: '/**/css/**',      access: ['permitAll']],
    [pattern: '/**/images/**',   access: ['permitAll']],
    [pattern: '/**/favicon.ico', access: ['permitAll']],
        [pattern: '/**',   access: ['ROLE_SUPER_ADMIN']]
]

grails.plugin.springsecurity.filterChain.chainMap = [
    [pattern: '/**/js/**',       filters: 'none'],
    [pattern: '/**/css/**',      filters: 'none'],
    [pattern: '/**/images/**',   filters: 'none'],
    [pattern: '/**/favicon.ico', filters: 'none'],
    [pattern: '/**',             filters: 'JOINED_FILTERS']
]

In my url mappings I have

class UrlMappings {


    static mappings = {


        name root: "/" (controller: "search", action: "create")


        // DO NOT DELETE, we need this for acJson and other actions.
        "/$controller/$action?/$id?(.$format)?"{
            constraints {
                // apply constraints here
            }
        }

        "500"(view:'/error')
        "404"(view:'/404')

    }
grailsspring-security


Solution 1:[1]

u need a controller

class UrlMappings {

    static mappings = {
        "/$controller/$action?/$id?(.$format)?"{
            constraints {
                // apply constraints here
            }
        }

        "/"(controller: "portal", action: "index")
        "500"(controller: "error", action: "page500")
        "404"(controller: "error", action: "page404")
    }

}

class ErrorController {
    def page404() { render view: "page404" }
}

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Lonyui

Related Questions

Posting a File and Associated Data to a RESTful WebService preferably as JSON

Calling Hibernate in background threads in grails

How to change grails localhost port?

Trouble getting Conditional CSS with Media Query and Grails

Why can't Groovy find this program even though it's on my PATH?

Bug in Grails / Spring Security when using user groups and roles - can't authenticate

How to catch exceptions in grails REST controllers

Why does the @Override annotation not work when building a Grails project?

Use read-only DB replica for read-only GORM methods and criteria

GRAILS, ANGULAR, GRADLE --- Execution failed for task ':npmInstall'. --- npm finished with non-zero exit value 1

spring sas 0.2.0 access_token throw 'Access is denied'

AuthenticationSuccessEvent never fired

Spring Security: How to use a UserDetailsService with JwtAuthenticationProvider?

@EventListener for AuthenticationSuccessEvent or InteractiveAuthenticationSuccessEvent not fired

CookieCsrfTokenRepository allows the client to create its own Csrf Tokens