Hi, I am in the process of migrating to spring security plugin from acegi plugin.Currently working on grails environment. I am facing a weird issue as my authentication success event and authentication bad credentials event does not throw at all.I added println statements in the callback in config.groovy and also through listeners.However i can catch events like InteractiveAuthenticationSuccessEvent. Please do reply if you have gone through the same issue
A:
As mentioned in Chapter 5 of the user guide you need to enable events with "useSecurityEventListener" and configure one or more callback closures, e.g.:
grails.plugins.springsecurity.useSecurityEventListener = true
grails.plugins.springsecurity.onInteractiveAuthenticationSuccessEvent = { e, appCtx ->
println "onInteractiveAuthenticationSuccessEvent: $e"
}
grails.plugins.springsecurity.onAbstractAuthenticationFailureEvent = { e, appCtx ->
println "onAbstractAuthenticationFailureEvent: $e"
}
grails.plugins.springsecurity.onAuthenticationSuccessEvent = { e, appCtx ->
println "onAuthenticationSuccessEvent: $e"
}
grails.plugins.springsecurity.onAuthenticationSwitchUserEvent = { e, appCtx ->
println "onAuthenticationSwitchUserEvent: $e"
}
Burt Beckwith
2010-06-29 04:21:11
Hey, I tried doing all these but the problem was these events were never invoked at all. I was able to receive only onInteractiveAuthenticationSuccessEvent . I went through the spring source code and there in AbstractAuthenticationProcessingFilter class they just throw the onInteractiveAuthenticationSuccessEvent on successful authentication, on authentication failure they just call the failure handler.Do i need to add handlers instead of listening to events? or do i need to inject provider Managers? I didn't add any provider manager thinking that the plugin for grails would do it for me :(
prabha
2010-06-29 05:19:24
Hmmm, looks like things changed between Spring Security 2 and 3. Please create an issue at http://jira.codehaus.org/browse/GRAILSPLUGINS under the Grails-Spring-Security-Core component and I'll see what I can do for the next release.
Burt Beckwith
2010-06-29 05:46:09
Hey, thanks for the follow up.We logged a bug as you said http://jira.codehaus.org/browse/GRAILSPLUGINS-2248
prabha
2010-06-29 09:05:06
I've release version 0.4.1 of the plugin with this fix.
Burt Beckwith
2010-06-30 06:54:49
Thanks a lot !!!
prabha
2010-07-01 06:13:27
A:
The provider manager uses the Null event publisher by default. We can inject the default authentication event publisher in resources.groovy.
defaultEventPublisher(DefaultAuthenticationEventPublisher)
/** authenticationManager */
authenticationManager(ProviderManager) {
authenticationEventPublisher = ref('defaultEventPublisher')
providers = listOfProviders
}