We have several in-house developed application in Groovy/Grails and use a shared plugin containing code that is common to all applications. We're needing more advanced authentication (LDAP, CAS, etc.) so it's time to implement the Spring Security plugin. I've been doing a bunch of reading on it, but I'm stuck at something as simple as changing the URLs and GSP pages that are used for the login and logout. I'm assuming that we'll also need a custom controller to make these changes.
In a normal situation where an application is using the Spring Security plugin, changing the default controller and/or GSPs seems to be as easy as just creating a file with the same name and location as the original files (since application files override plugin files). However, we're including the Spring Security plugin in our shared plugin which then is included in the application ... so unless it's possible to have one plugin override another plugins files this sort of solution doesn't seem to work here.
What would be the correct approach for overriding the default login/logout pages, url, and possibly controllers being used?
The controllers and GSPs are part of the plugin in 2.0. If you want to customize them copy them from the installed plugin directory to your project in the same folders and make the changes there. App files always override plugin files because the plugins are compiled first, then the app, so the app's files take precedence.
This procedure worked successfully for me.
Related
I would like to customize the spring boot admin ui to put some custom urls for healthcheck.I didn't find any examples on altering the UI like adding some tabs or putting some urls etx.
I found some documentation under http://codecentric.github.io/spring-boot-admin/current/ but it wasn't helpfull.
Any help on this would be really appreciated
Spring boot admin uses vue.js for frontend.
It is possible to add custom views to the ui. The views must be implemented as Vue.js components.
The JavaScript-Bundle and CSS-Stylesheet must be placed on the classpath at /META-INF/spring-boot-admin-server-ui/extensions/{name}/ so the server can pick them up. The spring-boot-admin-sample-custom-ui module contains a sample which has the necessary maven setup to build such a module.
The custom extension registers itself by calling SBA.use() and need to expose a install() function, which is called by the ui when setting up the routes. The install() function receives the following parameters in order to register views and/or callbacks:
I'm attempting to port over a huge website to Spring Boot. I have just about every piece of put in place except the security in JSP.
Unfortunately, the library that supports the security tag lib;
Causes my project to crash. I've tried looking for conflicts in the pom file but it's not to be.
I was able to get the principle using scriptlets but there are several times I conditionally display menus, based upon the authorization of the user. I even thought of writing my own tag libs but I it would take too long.
Are there any security tag libs that specifically work with Spring-Boot?
I am using the new Grails Spring Security Core 2.0 plugin and am wondering how i can customize the login view and the LoginController/LogoutController?
The previous versions of the plugin generated these files but now it seems that I have to copy them from the plugin to my project. Is this the correct approach?
And if so, can I put the copied controllers and views into another package then the original ones. IntelliJ seems to dislike having the same artifacts in the same package.
By default in version 2.0 logouts are only allowed via POST requests. To change this to allow GET requests add the following to your Config.groovy file.
grails.plugin.springsecurity.logout.postOnly = false
Once you have that set you can link directly to logout controller in order to logout
<g:link controller="logout">logout</g:link>
If you want to find more info on what else was changed in version 2 look to the What's New in Version 2.0 documentation
Another option would be to use a remote link which by default uses the "post" method
<g:remoteLink class="logout" controller="logout">${message(code: 'springSecurity.logout.link')}</g:remoteLink>
I don't think any of the above answers actually answer the question.
If you want to override the controllers and the views in your web-app then yes copy them up into your web-app. You can even give them a different package hierarchy if you wish as the spring-security-core plugin seems to reference them by URL and yours would replace them.
This works because controllers and views declared in the main web-app take precedence over those that are in the plugins.
However if you are doing this in another plugin thats when things get a bit tricky. See this questiona and answer for a solution to that problem
I'm building web applications using Spring (scaffolded with ROO) and Velocity for the template engine.
Those applications are very similar in their flow, most of the time the logic doesn't change very much, so I can use the same controllers across multiple webapps. What needs customization is the UI side.
I want to build a flexible system that allows :
To work locally while developing
To package templates outside of the webapp
To change some templates without redeploying the webapp.
So far I have built something which uses the WebappResourceLoader and the URLResourceLoader :
resource.loader=url,webapp
webapp.resource.loader.class=org.apache.velocity.tools.view.WebappResourceLoader
webapp.resource.loader.path=/WEB-INF/views/
webapp.resource.loader.cache=true
webapp.resource.loader.modificationCheckInterval=1
url.resource.loader.class=org.apache.velocity.runtime.resource.loader.URLResourceLoader
url.resource.loader.root=http://localhost/templates/
url.resource.loader.cache=false
So basically, the "default" templates are located inside the webapp, and can be overridden by templates located somewhere accessible by URL (right now in a simple folder in Apache).
In the end, the templates for each "skin" should be packaged in a separate WAR.
Now I don't know how to be able to work locally with this architecture...
Most of the time, I'll be working on customizing the templates code, so I suppose I could have a WAR project with only templates, and use Maven's WAR Overlay to bring them to life.
But in this case, the templates are inside the WAR, and this is not what I want...
Any ideas ?
I've got a Spring MVC application and I've decided that I'd like to try using GWT for the front end. I'd like to continue using MVC as I'll also be using Spring Security and some other springy stuff.
I'm aware of the GWT-SL project, and I guess I'll use it. The documentation is light on examples unfortunately.
What I'm wondering now is.... how do I reconfigure my project so that I can use GWT? I'm assuming that I'll lose the ability to run in hosted mode, and I suppose that's ok. Do I just add the GWT and GWT-SL jars, reconfigure my web.xml, and add a package to my project for the GWT code?
I'm using Eclipse 3.4. My existing project is standard web project.
With the new version of the GWT plugin, you'd have all the benefits of the hosted mode browser without having to modify any options. The GWTHandler from the GWT-SL will take care of your rpc call mapping. However, you will have a problem with your existing domain objects structure. You will either have to put them in GWT's 'client' package, or mirror your existing domain objects to enable them to be compiled to javascript. I have been looking for a stable non-invasive framework for doing this, but have yet to find one. Gilead looks promising, but you will have to extend its classes on your domain.
I have posted a view month ago my simple project (3 classes) how to integrate GWT with existing Spring MVC application. Simple sample also provided.
Try it, it is clear and simple: http://code.google.com/p/gspring.
You won't lose hosted mode. I don't know if you're using the internal server for that - I use -noserver so I can't help you there.
Other than that, I guess the documentation is quite clear. Have you hit any specific problems?