Affects Version/s: 1.0
Fix Version/s: 1.1
I had a look a the Shiro plugin and couldn't see anything wrong there (but I'm not a plugin/grails expert) and the problem looks like it lies within grails itself.
If you use a url mapping like this:
and use a url that doesn't exist so that the "/errors/notFound" view is used and that view uses <shiro:authenticated> then an exception occurs.
If you access the controller and it's action directly using a use a url like this: 'error/notFound' then everything works as expected.
Further to this, if you create a view which has this code:
The result will be "View: org.apache.shiro.util.ThreadContext.getSecurityManager returns null?: true" when accessing a page that doesn't exist
and "View: org.apache.shiro.util.ThreadContext.getSecurityManager returns null?: false" when accessing the controller and action directly.
Thus, any tag in the ShiroTagLib that uses SecurityManager.getSubject() will fail.
Attempting to use "<shiro:authenticated>Authenticated</shiro:authenticated>" in the "main" layout or the "notFound" view results in the following exception:
I've attached an example project, two example urls that highlight the problem are: