views:

138

answers:

1

I am working on an app that uses the Spring (Acegi) plugin for Grails. The plugin has facebook connect settings built in. I have followed the instructions to handle a facebook login within the app... however my knowledge of exactly whats going on is weak and what I really would like to do is give the user/visitor the option of either logging in and or registering on my app using their facebook account or create an account manually. I have roles that are setup in the app in the Spring Security plugin that are being bypassed using the facebook connect login option. Where can I intercept the login action in the Spring Security plugin to inject my own custom code to create the new user within the app if he/she doesnt exist.

My hope is that if they choose to create an account using facebook.. my app will create a corresponding account for the facebook user with default permissions. When the person logs in, permissions are set and authentication is required to access certain content.

I found a way of handling this using the Shiro Security plugin here:

http://sacharya.com/facebook-connect-with-jsecurity-on-grails/

I also stumbled upon Nimble. However, I really like Spring Security, could just be a comfort thing and maybe its time for me to try Shiro with Nimble.. I dont know.

I hope this makes sense. I appreciate any direction in making this happen.

Best Mike

+1  A: 

Have you tried using a SecurityListener class implementing a ApplicationListener?

public void onApplicationEvent(ApplicationEvent event) 
{
    if (event instanceof AuthenticationSuccessEvent) 
    {
        ...
    }
}

See also: http://forum.springsource.org/showthread.php?t=66885

Jan
hmm... can't remember if I tried this or not. I will have to re-investigate. I was however able to use Apache Shiro and do what I needed.
croteau