acegi

Acegi User Class constraints under groovy

Hi I have an Groovy appilcation using Acegi Spring Security. My User Class looks as follows: class User { static constraint = { email(blank:true, nullable:true) description(blank:false, nullable:false) username(blank: false, unique: true) userRealName(blank: false) company(nullable:true, blank:true) authorit...

How do I pass the id of the logged in user to my chosen controller in grails using acegi

I have secured my Grails app using the ACEGI plugin and am using annotations on my controller methods to prompt the user to login. My app has a static HTML front page with a login link on it which redirects to the login/auth page. On a successful login I want to load my own custom page for the authenticated user, called person/mainpa...

Acegi throws AuthenticationCredentialsNotFoundException when opening URl with BrowserLauncher 2

Hi all, We have a JSF web application that uses Acegi security. We also have a standalone Java Swing application. One function of the Swing app is to load the user's home page in a browser window. To do this we're currently using Commons HttpClient to authenticate the user with the web app: String url = "http://someUrl/j_acegi_securit...

Grails acegi plugin classes not added to maven

I created a grails 1.2.0 project using the acegi plugin 0.5.2 which works very well. To integrate the project into our companies build infrastructure I need to build it via maven. So I converted it to a maven project using the grails maven integration which worked quite well too. There is one problem: I have a Java class CustomUserDe...

How to specify a custom salt on Acegi with grails?

I have a need to specify a custom salt when encoding passwords with acegi 0.5.2 plugin for grails. I have found a tutorial that shows how to use a ReflectionSaltSource using a parameter of the user (possibly the username). However, I was unable to get that to work and I actually need to be able to control the salt more than just pickin...

Grails Acegi plugin annotations

Hi, I'm using the annotations provided by the Spring Security (AKA Acegi) plugin. I have controller actions annotated with @Secured(['ROLE_ADMIN', 'ROLE_USER']) To indicate that they should be available to administrators and regular users. But now I need to indicate that an action is available to administrators and unregistered user...

login automatically with Grails & Acegi

Hi, I'm using the Acegi plugin in my Grails app. After a user registers, he is redirected to an action that is protected. Therefore, he is shown the login form. However, I would prefer if the user was automatically logged in as soon as he completes registration. It seems like I could achieve this by redirecting to the action that the l...

Grails with SpringSecurity, local users and LDAP

I use the SpringSecurity-framework for authentication, and it works as long as there is a user with the same name in my local DB. However, I want an admin-account that is only stored in the local DB and has no equivalent in LDAP. So, how can I configure SpringSecurity so that it uses LDAP and if this fails looks for a user and password...

Grails acegi plugin user recommendation

I'm about to add security to my Grails App, and I'd like to know from your experiences what's the best approach: To add fields to the Person Domain class (such as phone, address, etc.) To create an independent Domain class and map it one to one to the Person class ...

share authentication between grails applications

Is it possible to share authentication between several grails application? We have an app that grown too big and it is a time to break it to several apps, but we can't figure out how to share authentication between apps. our app is grails with acegi plugin and it is deployed on tomcat server. question assumes that we do not introduce ...

LDAP-authentication and local roles don't work

Hi again, authentication via LDAP works like a charm, however, when I assign a role to a user and secure a page in the requestmap (like /books/show/** and ROLE_USER) this only works for local-only users, not for users authenticated via LDAP. (IS_AUTHENTICATED_FULLY works, though) How can I fix that? ...

Using Grails Acegi-Plugin and need additonal checks at authentication time

I have seen the other questions and reviewed the documentation, but I have not found a clear example or answer. 1) Do I need a new userDetailsService class 2) Do I need a new userDetailsService class AND subclass the GrailsDaoImpl The documentation for the plugin discusses it but it is just not clear to me? ...

Script level login to Grails app using Acegi security

Scenario: I have a Grails app that uses Acegi security for authentication. I'm implementing a REST service endpoint in the app and want to be able to GET and POST to / from the service endpoint using a shell script. I've been trying to use curl to do this, but can't find the right combination of parameters to make the curl command log ...

Acegi/Spring Security Captcha force new captcha value

We are using Grails Acegi plugin 0.5.1 for authentication and also the Captcha functionality. On input validation errors, I would like to generate a new Captcha value. I am using the render method from a User controller to present the template with the validation errors. The template in question includes an img element implementing a ...

Capturing Login/Logout and Login Attempts with Grails and Acegi Plugin

I have partially implemented a solution using an grails filter and a session listener that required me to modify the web.xml. The session listener tells me when the session has ended, and the grails filter tells me when any controller has been called for the first time with an authenticated user. It appeared to me that both were require...

Grails Expired sessions and uploads

I have an upload page, if a user goes to that upload page then leaves it for a while and their session times out, then they try to upload they will get redirected to the login page, but after they login it tries to submit the upload again causing an error. How would I avoid the upload being submitted again after login? ...

Security in Grails-app: Acegi or Shiro

Hi, i'm developing a Grails based web-application and i need to choose one of these two frameworks for authentication. In your opinion, what criterions favor the choice for Acegi and what criterions favor the choice for Apache Shiro? ...

Grails Acegi manual login

Is there a way to do that without using a POST request to "j_spring_security_check"? ...

Assigning roles programmatically in grails using acegi

Hi, could someone provide me with a snippet that assigns a given existing acegi role (Authority) to a Person in Grails ? Thanks. ...

Why doesn't grails' acegi plugin work in weblogic?

I have a grails(v1.2.1) app using the acegi plugin(v0.5.2) to authenticate users against an Active Directory domain. Everything works perfectly as long as I run the app using "grails run-app"; The correct controller/actions are protected, users can successfully log in, they don't have to log in on each page request, etc. When I run the...