We will create basic classes that are required to work with Spring in Grails application.
The first step before you continue with this tutorial, is to enable OSIV, as described in Open Session In View chapter to allow lazy loading in GORM. If you do not want OSIV in your project, set lazy to false on roles collection in User class.
Step 1
Create Role domain class that will represent a role assigned to a user. For example, a user can have multiple roles, like admin, client and so on.
grails create-domain-classapp.security.Role
packageapp.securityclass Role { String name static constraints = { }}
Step 2
Create User domain class that will represent your user.
grails create-domain-classapp.security.User
Then implement UserDetails interface from Spring Security and provide all the required fields.
Because we need a user with some roles during development, create a new user with few roles in BootStrap.
importapp.security.Roleimport app.security.Userclass BootStrap { def init = { servletContext -> Role adminRole = new Role(name: 'ADMIN') adminRole.save(failOnError: true) Role userRole= new Role(name: 'USER') userRole.save(failOnError: true) User user = new User() user.username = "john" user.password = "john" user.enabled = true user.accountNonExpired = true user.accountNonLocked= true user.credentialsNonExpired = true user.roles = [] user.roles << userRole user.roles << adminRole user.save(failOnError: true) } def destroy = { }}
Step 4
Now create UserService that will search for user by name and password in the database.
grails create-service app.security.UserService
We will use this to login the users.
packageapp.securityimport grails.transaction.Transactional@Transactionalclass UserService { User findByUsernameAndPassword(String username, String password) { User user = User.findByUsernameAndPassword(username, password) return user }}
Step 5
Create your implementation of AuthenticationManager interface in src/groovy that will authentificate a user.
packageapp.securityimport org.springframework.beans.factory.annotation.Autowiredimport org.springframework.security.authentication.AuthenticationManagerimport org.springframework.security.authentication.BadCredentialsExceptionimport org.springframework.security.authentication.UsernamePasswordAuthenticationTokenimport org.springframework.security.core.Authenticationimport org.springframework.security.core.AuthenticationExceptionimport org.springframework.security.core.GrantedAuthorityclass AuthManager implements AuthenticationManager { @Autowired private UserService userService public Authentication authenticate(Authentication auth) throws AuthenticationException { String username = (String) auth.principal String password = (String) auth.credentials User user = userService.findByUsernameAndPassword(username, password) if (user != null) { Collection<? extends GrantedAuthority> authorities = user.authorities return new UsernamePasswordAuthenticationToken(username, password, authorities) } throw new BadCredentialsException("Bad Credentials") }}
Open grails-app/conf/spring/resources.groovy and define a new bean. We have to have AuthManager under Spring controll otherwise autowired would not be done automatically.