I'm using Grails 4.0.9 and spring security core grails plugin 4.0.3 and spring-security-ui:4.0.0.M1, I want to add some properties while the user is registering such as telephone number and age, how I can do this while using the default Spring security default UI
The plugin generates the default implementation for you. So you would need to update the default generated templates for the RegisterController and forms.
Please check the customisation section in the plugin documentation.
Related
I am using spring boot in which I wanted to dynamically generate open api 3 specification by uploading json/yml and view in swagger ui
upload json/yml
dynamically generate swagger /open api specification
3.view in swagger ui
Is there any approach /plugin available to implement this?
similar implementation as swagger Interceptor but our workstation does not allow to use interceptor. so we are generating our own tool
Well i'm building some personal project to learn spring roo 2. Now i'm struggling with spring security. There is little information about spring roo 2 in google and many relatively useful information on spring boot relating to spring roo.
with the command "security setup" you got the "--provider" option.
This is the description that the help gives you:
optional --provider: The Spring Security provider to install. Possible values are: DEFAULT (default Spring Security configuration provided by Spring Boot will be used), and SPRINGLETS_JPA (advanced Spring Security configuration will be included using Springlets JPA Authentication).; default: 'DEFAULT'
I couldn't find the difference between these two options, even on the spring roo M3 reference documentation. Even searching for "Springlets JPA Authentication" gives no information about it.
Anyone has any clue about this?
Thanks
These are the main differences between this two providers:
DEFAULT: Is the default Spring Security auto-configuration provided by Spring Boot when you include the spring-boot-starter-security in your project classpath. This is the default option because Spring Roo always tries to generate applications that use the auto-configuration provided by Spring Boot.
Selecting this provided the following changes will be applied to your project:
spring-boot-starter-security dependency will be included to your pom.xml file
If you want to know more information about this configuration you should check the spring boot reference guide
SPRINGLETS_JPA: If you select this provider, the default Spring Security auto-configuration provided by Spring Boot will be used. In addition, this provider will include the Springlets library to your classpath that provides you some extra starters to auto-configure advanced Spring Security properties. Also, configures the security authentication to use and user from the database instead of the default in-memory authentication provided by Spring Boot auto-configuration. You will be able to manage these configuration using the application.properties file and including the properties springlets.security.auth.in-memory.enabled and springlets.security.auth.in-memory.erase-credentials.
Selecting this provided the following changes will be applied to your project:
springlets-boot-starter-authentication dependency will be included to your pom.xml file
security.enable-csrf=true property will be included to enable CSRF. Know more about CSRF and Spring Security here
To know more about the Springlets Security project check the Springlets project page
Hope it helps,
Is it possible to customize the login gsp page for the starter security plugin?
org.springframework.boot:spring-boot-starter-security
I read about adding grails-app/views/login/auth.gsp but that made no difference.
If you are using Grails 3, then you probably would find it easier to use the Grails plugin, rather than trying to use the spring boot starter directly. In your gradle build, put:
compile 'org.grails.plugins:spring-security-core:<version>'
If you run the provided starter script, then the necessary grails config values will be placed in application.groovy for you to adjust to your needs. The docs for the plugin are quite good: https://grails-plugins.github.io/grails-spring-security-core/, and once you see how the plugin works, the Spring documentation becomes easier to use in the context of Grails (for example, all the spring bean config you might want to do based on Spring's docs you do in grails-app/conf/spring/resources.groovy using the bean builder DSL.
If you use this plugin then all the spring wiring will be done for you, and the override of the login page's gsp should work as advertised.
If you don't want to use the Grails plugin, then perhaps looking at the source for the plugin will give you the information you need to wire in the spring package yourself (since that's what the plugin does). Most of the spring wiring work takes place right in the plugin file SpringSecurityCoreGrailsPlugin.groovy
I am developing Spring Based multitenant application. I was refering to an article # http://www.ibm.com/developerworks/library/j-saas/index.html
It shows how to implement Multitenant application using Spring Security + LDAP. But it seems that article is written in 2008 and is applicable to Spring Security 2.0.1. whereas I am using latest version of Spring Security (3.1.3).
In latest Version, I am not able to locate SpringSecurityContextSource class.
Any suggestion on how to achieve same functionality?
I have just removed references of SpringSecurityContextSource. Still application is working as expected.
We're using Grails but with an existing model layer and DAO layer. We have an app written already in Spring MVC, using Spring for IoC and also Security. I'm trying to port the control and view over to Grails as a proof of concept. I have Grails working fine with IoC but am having some trouble getting Grails to work with Spring Security. I'm using 0.5.1 of the Spring security plugin for grails. I have an xml file with all of the spring security settings that work fine with the Spring MVC app, but I'm having trouble getting it to work in Grails. If anyone has any experience using Grails with Spring Security but not using the domain part of the Spring security plugin, then please let me know. Any advice, websites etc would be helpful.
You don't even need the Grails Spring Security Plugin,
You can integrate Spring Security 3 right into Grails as
it all Spring under the hood any way.
You only have to place the Security jars in the lib folder, add two entries into the web.xml and copy over your security applictionContext
This way you can use your existing Spring Security in your grails project
This worked for me.
http://old.nabble.com/Baked-Beans%3A-Securing-Grails-with-Spring-Security-3!-td25339938.html#a25339938
http://blog.jayway.com/2009/11/23/spring-security-for-real-with-grails/comment-page-1
http://knol.google.com/k/grails-with-spring-security#