best grammar app

Grails MongoDB Spring Security Getting Started

Submitted by Abhishek on Tue, 2013-09-17 17:38
mongodb.org/grails.org
packagecom.numahub

importorg.bson.types.ObjectId;

class User {
	ObjectIdid
	transientspringSecurityService

	String username
	String password
	String firstName
	String lastName
	String email
	booleanenabled
	booleanaccountExpired
	booleanaccountLocked
	booleanpasswordExpired

	staticconstraints = {
		username blank: false, unique: true,size: 2..32,matches: "[a-zA-Z0-9_]+"	
		firstNameblank:false, size: 1..128
		lastNameblank:false, size: 1..128
		emailblank:false, size: 1..128, email: true
		password blank: false
	}

	staticmapping = {
		passwordcolumn: '`password`'
	}

	SetgetAuthorities() {
		UserRole.findAllByUser(this).collect { it.role } as Set
	}

	defbeforeInsert() {
		encodePassword()
	}

	defbeforeUpdate() {
		if (isDirty('password')) {
			encodePassword()
		}
	}

	protectedvoidencodePassword() {
		password = springSecurityService.encodePassword(password)
	}
}

Step 7: Override User Details Service

Now, I had to override the User Details Service. For this I created a new service called MongoUserDetailsService:

create-service com.numahub.MongoUserDetailsService

The contents looked like this:

packagecom.numahub

importorg.codehaus.groovy.grails.plugins.springsecurity.GrailsUser
importorg.springframework.security.core.GrantedAuthority
importorg.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.authority.GrantedAuthorityImpl
import org.springframework.security.core.userdetails.UsernameNotFoundException
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
import org.apache.log4j.Logger
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserDetailsService
importcom.numahub.User
importcom.numahub.UserRole

classMongoUserDetailsServiceimplementsGrailsUserDetailsService {

	private Logger log = Logger.getLogger(getClass())

/**
 * Some Spring Security classes (e.g. RoleHierarchyVoter) expect at least one role, so
 * we give a user with no granted roles this one which gets past that restriction but
 * doesn't grant anything.
 */
	staticfinal List NO_ROLES = [
		newGrantedAuthorityImpl(SpringSecurityUtils.NO_ROLE)
	]

	@Override
	UserDetailsloadUserByUsername(String username, booleanloadRoles) {
		if(log.debugEnabled) {
			log.debug("Attempted user logon: $username")
		}
		User.withTransaction{ status ->
			def user = User.findByUsername(username)

			if (!user) {
				log.warn("User not found: $username")
				thrownewUsernameNotFoundException('User not found', 
username)
			}

			if(log.debugEnabled) {
				log.debug("User found: $username")
			}

			def roles = NO_ROLES
			if (loadRoles) {
				def authorities = user.authorities?.collect
{newGrantedAuthorityImpl(it.authority)}
				if(authorities) {
					roles = authorities
				}
			}

			if(log.debugEnabled) {
				log.debug("User roles: $roles")
			}

			returncreateUserDetails(user, roles)
		}
	}

	@Override
	UserDetailsloadUserByUsername(String username) {
		returnloadUserByUsername(username, true)
	}

	protectedUserDetailscreateUserDetails(user, Collection authorities) {
		newGrailsUser(user.username, user.password, user.enabled,
				!user.accountExpired, !user.passwordExpired,
				!user.accountLocked, authorities, user.id)
	}
}

Step 8: Specify the Service

To make the service available, I added it into conf> spring >resources.groovy file

// Place your Spring DSL code here
beans = {
	userDetailsService(com.numahub.MongoUserDetailsService)
}

Step 9: Add a Default Role and User

To test the application I added a Default User and Role. Below is the code I added in the BootStrap.groovy:


Abhishek Mishra
Good experience in working with BPM technologies like Savvion, JBPM. Founder and Chief Editor of BPMGeek.com. Founder of Savvion Business Manager Mobility Framework Savmobify| View my BPMGeek Profile
|
best grammar app

About BPMGeek

BPMGeek is an initiative to collaborate and communicate with the growing Business process management community out there. The goal is to help developers connect with experts, ask questions, post their learning and get understanding of BPM Concepts. Often tool specific knowledge of niche areas end up developers perplexed and confused - especially when there are very less number of resources available. We will be coming up several several new features. Have a look at our Roadmap here

BPMGeek is an independent entity not associated with any Product. All BPM product professionals are invited to contribute. The Logos and Names used across the site belong to their respective owners. The viewpoints mentioned by Individual contributors are their own. BPMgeek cannot be held liable for any issues arising out of it.


BPMgeek is promoting the Nounshoun English Grammar App - developed by Constellation Software.