{"id":86074,"date":"2019-01-14T07:00:30","date_gmt":"2019-01-14T05:00:30","guid":{"rendered":"https:\/\/www.javacodegeeks.com\/?p=86074"},"modified":"2019-01-11T11:50:24","modified_gmt":"2019-01-11T09:50:24","slug":"grails-spring-security","status":"publish","type":"post","link":"https:\/\/www.javacodegeeks.com\/2019\/01\/grails-spring-security.html","title":{"rendered":"Grails with Spring Security"},"content":{"rendered":"

1. Overview of Spring Security Integration with Grails<\/h2>\n

Spring Security touts a number of authentication, authorization, instance-based, and various other features that make it so attractive to secure applications with.<\/p>\n

With this in mind, due to Grails use of Spring\u2019s Inversion of Control <\/a>Framework and MVC setup, developers sought to use Spring Security to secure Grails.<\/p>\n

This has resulted in two notable plugins: Spring Security Core Plugin <\/a>and\u00a0Spring Security ACL Plugin<\/a>.<\/p>\n

We will be reviewing the capabilities of these Spring Security plugins and making comparisons to using Spring Security for a plain old Spring application.<\/p>\n

2. Spring Security Core Plugin<\/h2>\n

This plugin provides practical defaults with many configuration options for customization.<\/p>\n

2.1 Domain Classes<\/h3>\n

The Spring Security Core Plugin uses the default Grails domain classes. In order to use the standard lookup for the plugin, we need at a minimum a\u00a0Person<\/em> and\u00a0Authority<\/em> domain class.<\/p>\n

If we want to store URL <==> Role mappings in the database (which is one of several approaches for defining the mappings), we need a Requestmap<\/em> domain class. If we use the recommended approach for mapping the many-to-many relationship between\u00a0Person<\/em> and Authority, we also need a domain class to map the join table.<\/p>\n

To use the user\/group lookup, we\u2019ll also need a Group\u00a0<\/em>domain class. If we are using the recommended approach for mapping many-to-many relationship between Person<\/em> and\u00a0Group<\/em> and between\u00a0Group<\/em> and Authority<\/em> we\u2019ll need a domain class for each to map the join tables. We can still additionally use\u00a0Requestmap<\/em> with this approach.<\/p>\n

We can use the s2-quickstart<\/a> to generate domain classes. The syntax is quite easy:<\/p>\n

grails s2-quickstart DOMAIN_CLASS_PACKAGE USER_CLASS_NAME ROLE_CLASS_NAME [REQUESTMAP_CLASS_NAME] [--groupClassName=GROUP_CLASS_NAME]<\/pre>\n
An example with\u00a0Person<\/em>, Authority<\/em>, and Requestmap<\/em>:<\/p>\n
grails s2-quickstart com.ourapp Person Authority Requestmap<\/pre>\n
2.2 Configuring Request Mappings for Securing URLs<\/h3>\n
We can choose among the following approaches to configure request mappings for securing URLs:
 
<\/div> <\/div><\/p>\n