From e5594b48dfc22612b8ea764a8bd58b538d7bf6a6 Mon Sep 17 00:00:00 2001
From: Scott Murphy Heiberg <scott@alwaysvip.com>
Date: Tue, 8 Oct 2024 14:31:22 -0700
Subject: [PATCH] Register SiteMesh 3 filter on security chain if detected.

---
 .../springsecurity/SpringSecurityCoreGrailsPlugin.groovy    | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/plugin/src/main/groovy/grails/plugin/springsecurity/SpringSecurityCoreGrailsPlugin.groovy b/plugin/src/main/groovy/grails/plugin/springsecurity/SpringSecurityCoreGrailsPlugin.groovy
index fe669878..5c52ade2 100644
--- a/plugin/src/main/groovy/grails/plugin/springsecurity/SpringSecurityCoreGrailsPlugin.groovy
+++ b/plugin/src/main/groovy/grails/plugin/springsecurity/SpringSecurityCoreGrailsPlugin.groovy
@@ -670,6 +670,12 @@ to default to 'Annotation'; setting value to 'Annotation'
 		}
 		log.trace 'Using SecurityContextHolder strategy {}', SCH.strategyName
 
+		// if sitemesh 3 is installed, an additional sitemesh 3 filter will need to be registered
+		// as part of the security filter chain so that pages are decorated using the security context
+		if (applicationContext.getBean('sitemesh3Secured')) {
+			SpringSecurityUtils.clientRegisterFilter('sitemesh3Secured', SecurityFilterPosition.FORM_CONTENT_FILTER.previous())
+		}
+
 		// build filters here to give dependent plugins a chance to register some
 		SortedMap<Integer, String> filterNames = ReflectionUtils.findFilterChainNames(conf)
 		def securityFilterChains = applicationContext.securityFilterChains