best grammar app

Grails MongoDB Spring Security Getting Started

Submitted by Abhishek on Tue, 2013-09-17 17:38


class User {

	String username
	String password
	String firstName
	String lastName
	String email

	staticconstraints = {
		username blank: false, unique: true,size: 2..32,matches: "[a-zA-Z0-9_]+"	
		firstNameblank:false, size: 1..128
		lastNameblank:false, size: 1..128
		emailblank:false, size: 1..128, email: true
		password blank: false

	staticmapping = {
		passwordcolumn: '`password`'

	SetgetAuthorities() {
		UserRole.findAllByUser(this).collect { it.role } as Set

	defbeforeInsert() {

	defbeforeUpdate() {
		if (isDirty('password')) {

	protectedvoidencodePassword() {
		password = springSecurityService.encodePassword(password)

Step 7: Override User Details Service

Now, I had to override the User Details Service. For this I created a new service called MongoUserDetailsService:

create-service com.numahub.MongoUserDetailsService

The contents looked like this:


import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
import org.apache.log4j.Logger
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserDetailsService

classMongoUserDetailsServiceimplementsGrailsUserDetailsService {

	private Logger log = Logger.getLogger(getClass())

 * Some Spring Security classes (e.g. RoleHierarchyVoter) expect at least one role, so
 * we give a user with no granted roles this one which gets past that restriction but
 * doesn't grant anything.
	staticfinal List NO_ROLES = [

	UserDetailsloadUserByUsername(String username, booleanloadRoles) {
		if(log.debugEnabled) {
			log.debug("Attempted user logon: $username")
		User.withTransaction{ status ->
			def user = User.findByUsername(username)

			if (!user) {
				log.warn("User not found: $username")
				thrownewUsernameNotFoundException('User not found', 

			if(log.debugEnabled) {
				log.debug("User found: $username")

			def roles = NO_ROLES
			if (loadRoles) {
				def authorities = user.authorities?.collect
				if(authorities) {
					roles = authorities

			if(log.debugEnabled) {
				log.debug("User roles: $roles")

			returncreateUserDetails(user, roles)

	UserDetailsloadUserByUsername(String username) {
		returnloadUserByUsername(username, true)

	protectedUserDetailscreateUserDetails(user, Collection authorities) {
		newGrailsUser(user.username, user.password, user.enabled,
				!user.accountExpired, !user.passwordExpired,
				!user.accountLocked, authorities,

Step 8: Specify the Service

To make the service available, I added it into conf> spring >resources.groovy file

// Place your Spring DSL code here
beans = {

Step 9: Add a Default Role and User

To test the application I added a Default User and Role. Below is the code I added in the BootStrap.groovy:

Abhishek Mishra
Good experience in working with BPM technologies like Savvion, JBPM. Founder and Chief Editor of Founder of Savvion Business Manager Mobility Framework Savmobify| View my BPMGeek Profile
best grammar app

About BPMGeek

BPMGeek is an initiative to collaborate and communicate with the growing Business process management community out there. The goal is to help developers connect with experts, ask questions, post their learning and get understanding of BPM Concepts. Often tool specific knowledge of niche areas end up developers perplexed and confused - especially when there are very less number of resources available. We will be coming up several several new features. Have a look at our Roadmap here

BPMGeek is an independent entity not associated with any Product. All BPM product professionals are invited to contribute. The Logos and Names used across the site belong to their respective owners. The viewpoints mentioned by Individual contributors are their own. BPMgeek cannot be held liable for any issues arising out of it.

BPMgeek is promoting the Nounshoun English Grammar App - developed by Constellation Software.