2

I have a simple web application, where username and password (entered in login page) are authenticated against LDAP using Spring Security.

Almost everything is configuration here. I can post all the config. files if necessary.

I need a way to disable this authentication altogether temporarily for the purpose of say demo/testing etc. Ideally if a 'do not authenticate' checkbox exists on login page, then authentication should be bypassed.

Ofcourse i can remove all Spring-Security stuff. But this is not really neat.

What is the simplest/best way to do this? Thanks.

Jasper
  • 8,440
  • 31
  • 92
  • 133
  • Which version of spring are you using ? – Santosh Jul 22 '13 at 06:35
  • 1
    Please check this http://stackoverflow.com/questions/11227464/disable-spring-security-from-spring-security-xml-file – Santosh Jul 22 '13 at 06:44
  • You can comment `DelegatingFilterProxy` in web.xml: ` springSecurityFilterChain org.springframework.web.filter.DelegatingFilterProxy ` – Michael Jul 23 '13 at 07:13

1 Answers1

2

I know this is a year old, but I ran across wanting to do this exact same thing. I could not find any way to do it dynamically but I did find a way so that a simple change that could be done on one line in Config.groovy and a restart of the app that worked for me.

grails.plugin.springsecurity.ldap.active = false

and then put the other ldap config options in an if statement

if (grails.plugin.springsecurity.ldap.active) {
    //All of the ldap options
 }
Devin Wright
  • 191
  • 1
  • 11