acegi

Log user authentication in grails/acegi

Hi, where can I put a println in order to register a user's successful authentication in grails using acegi ? Thanks ...

Grails/Acegi disabled users question

Hi, I have a Grails app with acegi security, and I just found some users with their "enabled" field in false, when they were set to true after an approval process. My question is: May it have happened because of a maximum login attempts reached ? If so, where is it configured ? Thanks. ...

Using @Secured Annotation causes IS_FULLY_AUTHENTICATED problem in grails

I'm using Acegi/Spring Security in grails and when i use the annotations like @Secured(['ROLE_ADMIN']) it denies my login even though the user is part of ROLE_ADMIN. In looking through the login is it seems that it's getting an IS_AUTHENTICATED_FULLY role also but I have never added that to a page so i'm not sure how to bypass that. I re...

update on acegi roles for user?

If a loggedin user gets a new role, what does he has to do to get all permissions based on this role? logout and login again does not work reassign the roles with an admin-account works Do i have to delete all roles given to this user, and reassign them? Role model is hierarchical. ROLE_POWERUSER > ROLE_USER ...

Any easy way to delete a user (having many to many relation with role) in acegi, grails?

Hi, In default acegi setting, person and authority have many to many relations. Thus, in addtion to people and authorities, there is a table authotiries-people. To delete a person (a user) I have to delete the related record in authotiries-people first....then come back to delete the record... the problem is: other people are still u...

grails acegi afterLogoutUrl

I defined an afterLogoutUrl in my SecurityConfig.groovy. This url is to /logout/back; i put a back method in the LogoutController provided by acegi which redirects to the URL of another app (the other app is the "gatekeeper" app in our space). even though I have the rule /logout/back=IS_AUTHENTICATED_ANONYMOUSLY in my SecurityConfig...

How To Save Spring Security Logged In User In Session

This code get's the currently logged in user, using the Spring Security Plugin (acegi): def principalInfo = authenticateService.principal() def person = null if (principalInfo != "anonymousUser" && principalInfo.username) { person = Person.findByUsername(principalInfo.username) } I would then like to do: session.user = person T...

Case insensitive login in Grails with acegi

Hi, is there a way to force the login to be case insensitive using acegi in grails ? I didn't find a matching entry to be set in the SecurityConfig file. Thanks ...

Configuring acegi security to store successful logins to DB.

Hi, I'm new to Acegi. I have it working in its simplest form. I have to login in order to access the protected pages (I followed their tutorial). Now I want to have a DB Log of every successful login. Is there a simple way to do that? Something like forcing a specific action (which I would create and would write the information to the D...

how to stop endless redirect after successful login

My grails app is using Spring Security (Acegi). Users can login on /login. after this is successful it redirects to /. if someone now tries get back to the URL /login the browser says "endless redirect, the request could never be ended". in the login controller, action login which shows the login view there is some code if (isLoggedIn...

getting the url in the case of an auth failure...

In grails acegi plugin, you can specify the authenticationFailureUrl property in SecurityConfig. Is there a way to get the url that caused the auth failure in the scope of the authenticationFailureUrl? This is not as simple as just getting the request or looking on the params. If there is an auth failure, you get redirected to the a...

Grails - access only for object's owner

Hi! I'm still working on my first Grails application. This time, my problem is to limit access to some actions for particular users. Assume users add some object, e.g. books. I would like to give access to edit a book only to admin and the user that added the book. I'm currently using Acegi plugin. I know there is newer version of that...

Spring Security (Acegi) and user Groups (vs. Roles)

We're developing an app (using Grails Spring Security (formerly Acegi)) in which we'll have thousands of users that span 10-15 discreet user types. In the current system, each user type equates to a "group", and the specific roles and permissions are tied to the group. The user gets all their "roles" from the group. For example, we mi...

How to Access other values from Login Form using Acegi Plugin in Grails

I want to pass in other hidden values to the server on the form for login. Then I want to be able to do some other computations on the server where I have access to the form hidden parameters and also the newly authenticated user object. I was hoping to use the onInteractiveAuthenticationSuccessEvent event. However, I cannot find a po...

How to access the URL that Acegi has stored for after the login form in Grails

I'm integrating Gigya with a web app running Acegi. I have it working that the client side Gigya can authenticate an existing user and then skip the login form post and hit a controller method to inform the server securly that the user authentication has been performed by Gigya. Using the following code in my controller I'm able to tel...

Trying to use Grails Spring Security Plugin + Facebook Connect to automatically create a user with default permissions on Authentication

I am working on an app that uses the Spring (Acegi) plugin for Grails. The plugin has facebook connect settings built in. I have followed the instructions to handle a facebook login within the app... however my knowledge of exactly whats going on is weak and what I really would like to do is give the user/visitor the option of either l...

Need help about grails&acegi

refer to http://www.grails.org/AcegiSecurity+Plugin+-+Basic+Tutorial if I need to custom field,for example i need gender,age,etc. How to do? ...

[Spring-Flex][ACEGI] Error or no security...

Hi all , As I say in the title of my question, I don't succeed in configuring Spring Security... I've followed two articles written by James Ward or Jettro Coenradie but I still don't have it ! First I tried to make all this working in a fake project, and it worked well, thant I tried in the "real" project. The configuration files are ...

Grails Spring Security (Acegi) plugin intercept login to inject custom Facebook Connect logic

Ok, second try here.. hoping I phrase my question better to get a few responses. I am currently working on a small project developed in Grails with the Spring Security plugin to handle account management and security. I want to intercept the login function and add some custom code. The goal is to have 2 options available to the end ...

DO I need to create a custom authentication provider for facebook connect + spring security in grails?

Do I need to write a custom authentication provider to use facebook connect with account registration + authorization for the Spring Security plugin in Grails? I am trying to offer the traditional application registration with facebook connect in a grails dev app using Spring Security. Does this make sense? Any ideas? ...