I followed the code from this site. But I had to remove the caching part and was able to make it work. When I viewed the generated PDF file, it only contains the login page. Does it mean that iText can't identify the current session? Note that I placed the 'create pdf' link in the page where it contains the layout that needs to be conve...
I'm working on implementing a URL token based authentication scheme (using Grails) and have been working off of Glen's very helpful example: http://blogs.bytecode.com.au/glen/2010/01/15/hacking-custom-authentication-providers-with-grails-spring-security.html The problem I've run into, is some of my requests are multipart/form-data and ...
Hi, I'm currently developing a menu for my application that should be able to display only the controllers that the current user can access (requestmap defined in the database). How can I check if the current user has access to a specific controller and action? Thanks, Jan ...
I am writing an app which needs to have both the traditional form of user auth, and Facebook Connect. I am using groovy/grails for this application. Grails luckily has JSecurity plugin, Acegi Plugin and Facebook Connect. The Acegi plugin claims to have OpenId and Facebook Connect support too. Anyone's got any experience getting it to wo...
Hi, I'm having a problem with Acegi Plugin. The problem is that Acegi caches user info. If I update roles or password the change doesn't appear immediately. For a while I can even log out and log in with previous password. I found 2 solutions JIRA. Set cacheUsers = false in SecurityConfig.groovy Use special filter to update securityCon...
I have the following event listener in SecurityConfig security { active = true useSecurityEventListener = true //... onInteractiveAuthenticationSuccessEvent = { e, appCtx -> // handle InteractiveAuthenticationSuccessEvent //how to cancel user login from here?? } } The question is, how to stop user from logging in f...
I have installed SSL on my server. My question is how can i forcehttps only on selected controllers/pages via the acegi plugin. Acegi plugin supports a property forcehttps, which when set to true makes all the pages secured once the user logs in. I want to change this behaviour where once the users log off, they should be redirected to ...
I'm starting new project. The client interface is based on GWT (and GXT) I have no say it's predetermined. However I can pick and choose as far as server side so I can have some fun and hopefully learn something new in the process. Some requirements are : Exchange with server will be through use of JSON, most if not all of UI will be g...
Hi, I'm using the Acegi security Grails plugin in my application and sometime it's look like the session expired, the session variables not available anymore like session.user , but the user is not redirect to the login page. if you know how to deal with this problem i'll be happy to get your help. Meni ...
I have an application using Acegi (earlier version of Spring Security) and LDAP for logins. Now, a specific scenario requires me to discover user's LDAP groups at arbitrary time (not at login time). Is it possible to use already set up Acegi to handle this situation? I'm thinking of using the configured LdapAuthProvider (or LdapAut...
Hi, I'm using the Acegi (AKA Sprign Security) plugin in my Grails app. InSecurityConfig.groovy I have added the line userName = 'email' such that the email field is used as the username. I find that if I change the email field and save the object, e.g. user.email = '[email protected]' user.save(failOnError: true) The save com...
I am using acegi-0.5.2 and was able to make myOpenID account work (had to add http://.myopenid.com/ in the database). Now, I'm wondering how to make the Google and Yahoo openid URL work. I'm using these URLs: https://www.google.com/accounts/o8/id http://yahoo.com/ Any help on how to make them work? Do i need to install this plugin? T...
I'm using acegi 0.5.2 and enabled OpenID support. I would like to know how to accesss the URL (or username) returned by a provider (i.e. Google, Yahoo!). I can't find any docs about that so I traced the code of acegi and found this in GrailsOpenIdAuthenticationProvider: OpenIDAuthenticationToken response = (OpenIDAuthenticationToken) au...
We're currently using Acegi 0.5.2 plugin for Grails 1.2.1. However, we're going to move our user management to external CRM. What would be the best way to link existing Person domain with external CRM entity? ...
I'm making a site thats using a static requestmap. I'm trying to add registration with generate-registration and i keep getting an error Warning, target causing name overwriting of name default Error executing script GenerateRegistration: groovy.lang.MissingMethodException: No signature of method: groovy.util.ConfigObject.lastIndexOf() ...
I'm trying to setup our new Grails application to authenticate via LDAP. From the logs we can see that Acegi is binding to the LDAP store, then is able to find the user given the correct credentials, and finally begins searching for roles. The authentication fails due to a PartialResultException. I'm aware that the default LDAP provide...
I'm using the Acegi Security plugin for Grails, and authentication via LDAP. The application logs show that on login, we can authenticate the user and get their roles via LDAP, but the login fails because the User Details cannot be found in the application's database. Is there a way to auto create and save a basic User Details domain o...
We are using Spring security in our application with support for username / password based authentication as well as Open id based authentication. The issue is that google gives a different open id for the return url specified and we have at least 2 different entry points in our application from where open id is configured into our syst...
Is it possible for two different Grails project, also having different domains, to share a session/cookie? Let's say I have 2 sites: www.mycompany.com, and, www.othercompany.com. Assume that both sites are having same domains, and same database and records too. What I want to know is if this code: authenticateService.userDomain() or ...
Is there a similar logic for logout using this login code: // login account def autht = new AuthToken(username, password) def authtoken = daoAuthenticationProvider.authenticate(autht) SecurityContextHolder.context.authentication = authtoken I checked LogoutController and this is the only logic for logout: redirect(uri: '/j_spring_sec...