views: 761

answers: 2

I am using the Spring Source 2.0 security plugin and I've done the tutorial described on this page using the Requestmap method of security.

Acegi Plugin Tutorial

I now want to create a second bookstore as follows and implement the same tutorial.

grails create-app bookstore2

Both apps will share the same database so all users, roles, etc will be common between the two apps. Finally, I want a given user to be automatically authenticated in the second bookstore if he authenticates in the first. What is the best way to implement this?

+1  A: 

You might want to have a look at CAS. It's a federated login server that allows you to use Single Sign On across multiple web applications, independent of their platform. It's Java and Spring based, but requires that you familiarize yourself with its architecture. Spring Security has built-in support for CAS.

Siegfried Puchbauer
Shouldn't there be a much simpler way? Application servers such as Glassfish already provide support for SSO with realms.
Yes, there is certainly a simpler way, but I do not have much experience with that. CAS provides flexibility, e.g. when you want to connect other apps or you want to move an application to another app server.
Siegfried Puchbauer
+1  A: 

You can leverage the "remember me" functionality that Acegi provides. Since it is cookie based, once you authenticate against the first application, it will drop a cookie, and then when you attempt to log in to the second application, as long as the security model is identical, you will be authenticated immediately via the cookie.

See: Acegi Documentation for further details.

Steve Levine
Only works if the apps are on the same domain though; otherwise, it would be a security vulnerability.
Chii
True, one workaround is to "frame" in the second domain (if you can). Something like: www.bookstore.com and two.bookstore.com points to www.bookstoretwo.com. Then the cookie will work, otherwise, as stated above, it will not work.
Steve Levine
The remember me cookie applies to /bookstore. The second bookstore would be on /bookstore2. I'm guessing that I'll have to create the cookie on /.
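The second answer and the comments under it turn on two conditions that are easy to get wrong: both apps must validate the remember-me cookie under the same secret key (the "identical security model"), and the cookie must be scoped to a path (and domain) that both apps actually receive. The following is an added, self-contained model of those two checks, written for this page and not taken from the Acegi plugin or from Spring Security's source. It reproduces the classic token-based remember-me format, base64(username:expiry:md5hex(username:expiry:password:key)), over a constructed user store (`USERS`) and a constructed key; the function names and sample values are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import time

# Constructed sample user store. The question states both apps share one
# database, so usernames and password hashes are common to both.
USERS = {"alice": "s3cret-password"}


def make_remember_me_token(username, password, key, expiry_ms):
    """Build a token in the token-based remember-me format:
    base64(username:expiry:md5hex(username:expiry:password:key)).
    The key is the per-deployment secret; both apps must use the same one
    for a cookie issued by bookstore to be accepted by bookstore2."""
    sig = hashlib.md5(f"{username}:{expiry_ms}:{password}:{key}".encode()).hexdigest()
    raw = f"{username}:{expiry_ms}:{sig}"
    return base64.b64encode(raw.encode()).decode()


def validate_remember_me_token(token, key, users=USERS, now_ms=None):
    """Return the username if the token verifies under THIS app's key and has
    not expired, otherwise None. A second app configured with a different key
    rejects every token the first app issued."""
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    try:
        raw = base64.b64decode(token).decode()
        username, expiry_str, sig = raw.split(":")
        expiry_ms = int(expiry_str)
    except (ValueError, UnicodeDecodeError):
        return None  # malformed cookie: treat as not authenticated
    if expiry_ms < now_ms:
        return None  # expired token
    password = users.get(username)
    if password is None:
        return None  # user unknown to this app's database
    expected = hashlib.md5(f"{username}:{expiry_ms}:{password}:{key}".encode()).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return None  # signature computed with a different key or password
    return username


def cookie_sent_to(cookie_path, request_path):
    """RFC 6265 path-match: a browser attaches the cookie only to requests
    whose path is the cookie's Path or lies beneath it. This is why a cookie
    set for /bookstore never reaches /bookstore2, while Path=/ reaches both."""
    if request_path == cookie_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"


if __name__ == "__main__":
    # Constructed walk-through: bookstore issues a cookie, bookstore2 checks it.
    token = make_remember_me_token("alice", USERS["alice"], "shared-key", 2_000_000)
    print("same key   :", validate_remember_me_token(token, "shared-key", now_ms=1_000_000))
    print("other key  :", validate_remember_me_token(token, "other-key", now_ms=1_000_000))
    print("Path=/bookstore seen by /bookstore2/login:", cookie_sent_to("/bookstore", "/bookstore2/login"))
    print("Path=/ seen by /bookstore2/login         :", cookie_sent_to("/", "/bookstore2/login"))
```

The model makes the trade-off in the comments concrete: setting Path=/ (or a parent domain) is what lets the second app see the cookie at all, and because the token carries no audience, any application on that path that holds the same key and user table will accept it, which is the "same domain" caveat raised above.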