tags:

views:

25

answers:

1
Q: 

Grails 1.3.5 and Spring Security Core

Hi,

I have build a grails application, which on login redirects users to different URLs based on User's role (custom roles defined in roles domain). Now I am trying to integrate Spring Security Core Grails Plugin to the application, so plan to use the plugin's domain model.

I understand the auth action in LoginController does the user login validation and if the user is logged in the redirects to default target URI. My question is how can I know if the logging in user is of type ROLE_ADMIN or ROLE_USER or any other ROLE? How can I check the authority here and then redirect to different URIs?

I would also like to know how the user validation is done i.e. how & where the username and password are validated against the database in spring security?

Thank You. Jay Chandran.

+2  A: 

The redirect happens in org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler but the plugin extends this class in org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler to support Ajax logins.

If you want to customize the redirect location based on roles, I'd subclass AjaxAwareAuthenticationSuccessHandler and override onAuthenticationSuccess(). You'll have access to the Authentication, so you can inspect the granted authorities and determine where to go based on those.

Then replace the plugin's bean with yours in resources.groovy:

import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils

beans = {
   authenticationSuccessHandler(MyAuthenticationSuccessHandler) {
      def conf = SpringSecurityUtils.securityConfig

      requestCache = ref('requestCache')
      redirectStrategy = ref('redirectStrategy')
      defaultTargetUrl = conf.successHandler.defaultTargetUrl
      alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
      targetUrlParameter = conf.successHandler.targetUrlParameter
      ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl
      useReferer = conf.successHandler.useReferer
   }
}
Burt Beckwith  2010-10-08 05:59:55
Thank you very much. I am sure I will have more queries.
Jay Chandran  2010-10-08 08:33:16

related questions

How do I get at the goodies in my Grails Config.groovy at runtime?
Running a web app in Grails vs Django
Adding a method to a domain class
Getting Groovy's Grape Going!!!
Groovy question: "except" syntax?
What does it mean for a programming language to be "on rails"?
Groovy parsing JSON vs XML
Parsing XML with multi-line records
How do I redirect a file download using Grails?
Create grails war without version number
What needs checking in for a Grails app?
Grails - Acegi: Customize Authentication Method
J2EE and Grails: Communication with WebServices? Which framework?
Grails 1.0.3 console reports 'premature end of file'
Grails with YUI table example
grails plugin for eclipse and netbeans 6.1
error while using groovy.sql Out parameter.
Rails books?
Rails or Grails?
Is anyone developing facebook apps on Grails
How do I increase the number of default rows per page?
How to check if element in groovy array/hash/collection/list?
How do you access two databases in Grails
How do you change the default homepage in a Grails application?
Learning Ruby on Rails any good for Grails?