Bridges Weceem authentication to Spring Security

  • Tags: weceem
  • Latest: 1.2
  • Last Updated: 11 April 2014
  • Grails version: 2.1 > *
0 vote
Dependency:
compile ":weceem-spring-security:1.2"

 Documentation  Source  Issues

Summary

Provides the glue needed to make Weceem plugin use Spring Security for authorisation and authentication. Your application still needs to configure Spring-Security however. The domain class is expected to include "email" property.

Description

This plugin provides the glue needed to make Weceem CMS plugin use Spring Security for authorisation and authentication.

Your application still needs to configure Spring-Security however, and you provide your own domain classes. This class does not provide any UI for user administration. See example code in the WeceemApp source for this.

This plugin works in a standalone manner - if your application has your own custom UserDetailsService you may experience problems using this plugin and you must implement the Weceem bridge yourself - see the source repository.

Configuration

You need to tell this plugin how to map your user domain class into an object that can safely be stored in the session. To do this, you define a closure in Config.groovy that returns a map of values taken from the domain object:

weceem.springsecurity.details.mapper = { ->
    [   // Stuff required by weceem spring sec
        username: username,
        password: passwd,
        enabled: enabled,
        authorities: authorities,
        email: email,

// optional stuff we add description: description, firstName: firstName, lastName: lastName, id: id ] }

The above works because the right hand values in the map resolve to "it" and "it" is the domain instance at the time of logging in. So this way you can populate an object that will be used as the user principal.

Weceem requires the username, password, email, enabled and authorities values. The rest is all optional and dependent on your application's needs.

Once you have configured this and configured Spring Security correctly for your application, Weceem will automatically be aware of your logged in users' credentials.