Page: AcegiSecurity Plugin - Basic Tutorial, Version:0
Create your Grails application
# grails create-app bookstore
# cd bookstore
Install the Acegi plugin
# grails install-plugin acegi
Create the User, Role, and Requestmap domain classes
# grails create-auth-domains User Role
You can choose other names for User and Role; these are just examples. The script will create this User class:
/**
 * User for user account.
 */
class User {
    static transients = ['pass']
    static hasMany = [authorities: Role]
    static belongsTo = Role

    /** Username */
    String username
    /** User Real Name */
    String userRealName
    /** MD5 Password */
    String passwd
    /** enabled */
    boolean enabled

    String email
    boolean emailShow

    /** description */
    String description = ''

    /** plain password to create a MD5 password */
    String pass = '[secret]'

    static constraints = {
        username(blank: false, unique: true)
        userRealName(blank: false)
        passwd(blank: false)
        enabled()
    }
}

/**
 * Role class for Authority.
 */
class Role {
    static hasMany = [people: User]

    /** description */
    String description
    /** ROLE String */
    String authority = 'ROLE_'

    static constraints = {
        authority(blank: false)
        description()
    }
}

/**
 * Domain class for Request Map.
 */
class Requestmap {
    String url
    String configAttribute

    static constraints = {
        url(blank: false, unique: true)
        configAttribute(blank: false)
    }
}
Optional - create controllers and GSPs for User, Role, and Requestmap domain classes
# grails generate-manager
- grails-app/controllers/RequestmapController.groovy
- grails-app/controllers/RoleController.groovy
- grails-app/controllers/UserController.groovy
- grails-app/views/requestmap/create.gsp, edit.gsp, list.gsp, view.gsp
- grails-app/views/role/create.gsp, edit.gsp, list.gsp, view.gsp
- grails-app/views/user/create.gsp, edit.gsp, list.gsp, view.gsp
Optional - create controllers and GSPs for Captcha, Register, and an Emailer Service.
# grails generate-registration
- grails-app/controllers/CaptchaController.groovy
- grails-app/controllers/RegisterController.groovy
- grails-app/services/EmailerService.groovy
- grails-app/views/register/edit.gsp, index.gsp, show.gsp
Create a controller that will be restricted by role
# grails create-controller Secure
class SecureController {
    def index = {
        render 'Secure access only'
    }
}
Start the server
# grails run-app
Navigate to http://localhost:8080/bookstore/role/create and create an 'admin' role:
then navigate to http://localhost:8080/bookstore/requestmap/create and create the mapping for SecureController:
and finally navigate to http://localhost:8080/bookstore/user/create (or http://localhost:8080/bookstore/register) to create a test user:
Now navigate again to http://localhost:8080/bookstore/secure and this time, you should be presented with the login page:
Log in with the username and password you used for the test user, and you should again be able to see the secure page:
When logging in, you can test the Remember Me functionality. Check the checkbox, and once you've tested the secure page, close your browser and re-open it. Navigate again to the secure page, and since you have a cookie stored, you shouldn't need to log in again. Log out at any time by navigating to http://localhost:8080/bookstore/logout
If you prefer to store your url/role mapping statically instead of in the database, skip the Requestmap step and instead make these changes in grails-app/conf/SecurityConfig.groovy:
- change the 'useRequestMapDomainClass' property to false
- uncomment the 'requestMapString' property and change its value to:
requestMapString = """
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT

    /secure/**=ROLE_ADMIN
    /**=IS_AUTHENTICATED_ANONYMOUSLY
"""
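The static map above is evaluated top to bottom and the first matching pattern decides which role is required, so line order is part of the policy. The following check is an added example, not part of the plugin or the original tutorial: it resolves a path against a requestMapString value and flags lines hidden behind an earlier pattern. The function names are hypothetical and the Ant matching is a simplified stand-in for the real matcher.

```python
import re

# Constructed sample: the requestMapString value from the tutorial.
TUTORIAL_MAP = """
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/secure/**=ROLE_ADMIN
/**=IS_AUTHENTICATED_ANONYMOUSLY
"""

def ant_body(pattern):
    """Translate Ant wildcards: '**' spans directories, '*' and '?' stay within one."""
    body = re.escape(pattern)
    return body.replace(r"\*\*", ".*").replace(r"\*", "[^/]*").replace(r"\?", "[^/]")

def ant_to_regex(pattern):
    """Simplified Ant-path matcher (assumption: enough for patterns like the tutorial's)."""
    if pattern.endswith("/**"):          # '/secure/**' also covers '/secure' itself
        return re.compile(ant_body(pattern[:-3]) + r"(/.*)?\Z")
    return re.compile(ant_body(pattern) + r"\Z")

def parse(request_map):
    """Return (lowercase_flag, ordered list of (pattern, attributes))."""
    lines = [l.strip() for l in request_map.splitlines() if l.strip()]
    lower = "CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON" in lines
    rules = [tuple(p.strip() for p in l.split("=", 1)) for l in lines if "=" in l]
    return lower, rules

def required_attributes(request_map, path):
    """Attributes of the first pattern that matches the path; None if nothing matches."""
    lower, rules = parse(request_map)
    if lower:
        path = path.lower()              # the directive normalises case before matching
    for pattern, attrs in rules:
        if ant_to_regex(pattern).match(path):
            return attrs
    return None

def shadowed_rules(request_map):
    """Heuristic: patterns whose sample URL is already claimed by an earlier line."""
    _, rules = parse(request_map)
    findings = []
    for i, (pattern, _) in enumerate(rules):
        probe = pattern.replace("**", "x").replace("*", "x").replace("?", "x")
        for earlier, _ in rules[:i]:
            if ant_to_regex(earlier).match(probe):
                findings.append((pattern, earlier))
                break
    return findings

if __name__ == "__main__":
    for p in ("/secure", "/Secure/index", "/book/list"):
        print(p, "->", required_attributes(TUTORIAL_MAP, p))
    print("shadowed:", shadowed_rules(TUTORIAL_MAP))
```

Paths are relative to the application context, so http://localhost:8080/bookstore/secure is checked as /secure. If the two rule lines were swapped, shadowed_rules would report /secure/** as hidden behind /**.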