I have no special talent. I'm only passionately curious - Albert Einstein
February 15, 2010
Acegi Security Plugin for Grails
Posted by Dave Malone
in Grails,
Configuration,
Java,
Technology
I've been attempting to develop an application using Grails 1.2.1, and the Acegi Security plugin for Grails v. 0.5.2 (also known as the Spring Security Plugin). Grails is still young, and so is it's group of plugins, so there are a lot of configurations that are flawed. This article outlines how to get up and running with Grails and the Acegi Security plugin v. 0.5.2, including how to get the JavaMail configurations working for use with Gmail
The great thing about Grails is the set of available plugins, and the code generation tools available to make application development fun again. The Acegi Security plugin for Grails is no exception, although there doesn't appear to be much activity in the project lately (last release was in January of 2009). The Basic Tutorial includes the commands you'll need to get up and running in next to no time - install the plugin, generate the domain classes and controllers, and even generate a registration page. Once you begin to run the app, you'll notice there are problems right away. The first thing you'll need to do is to modify the spring/resources.groovy file, adding this configuration:
spring/resources.groovy
beans = { basicAuthenticationEntryPoint(org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint) {
realmName = 'Grails Realm'
}
}
Next, you'll want to add a configuration to your Bootstrap.groovy file to automatically create the default role in the database, otherwise you won't be able to create any user accounts:
Bootstrap.groovy
class BootStrap {
def authenticateService
def init = { servletContext ->
switch(Environment.getCurrent()){
case Environment.DEVELOPMENT:
createDefaultRoleIfRequired()
break
case Environment.PRODUCTION:
println "PRODUCTION: No Special Configuration required"
break
}
}
def destroy = {
}
void createDefaultRoleIfRequired(){
def config = authenticateService.securityConfig
def defaultRole = config.security.defaultRole
println 'looking for default role: ' + defaultRole
def role = Role.findByAuthority(defaultRole)
if(!role){
println "Fresh Database. Creating defaultRole"
role = new Role(authority: defaultRole, description: 'Default Role for all self registered users')
println 'validating role: ' + role.validate()
println 'role has errors: ' + role.hasErrors()
if(role.validate()) {
role.save()
println defaultRole + ' created'
}
else {
println 'failed to create ' + defaultRole + '\nerrors: '
role.errors.allErrors.each {
println it
}
}
}else{
println "Default Role exists, skipping creation"
}
}
}
The most noticeable - the mail configurations are not well documented, and there isn't anything pertaining to how to use Gmail with the generated EmailerService. Here are the configs which I've put together which work with Gmail accounts for sending email via the EmailerService:
SecurityConfig.groovy
security {
// see DefaultSecurityConfig.groovy for all settable/overridable properties
active = true
loginUserDomainClass = "stratsoft.User"
authorityDomainClass = "stratsoft.Role"
requestMapClass = "stratsoft.Requestmap"
//defaultRole = 'ROLE_USER'
useMail = true
mailHost = 'smtp.gmail.com'
mailUsername = 'youremail@gmail.com'
mailPassword = 'yourpassword'
mailProtocol = 'smtp'
mailFrom = 'youremail@gmail.com'
mailPort = 465
//required by gmail smtp server
javaMailProperties = [
'mail.smtp.auth':'true',
'mail.smtp.starttls.enable':'true',
'mail.smtp.socketFactory.port':'465',
'mail.smtp.socketFactory.class':'javax.net.ssl.SSLSocketFactory',
'mail.smtp.socketFactory.fallback':'false'
]
}
