However, I gave it a little more thought and going back to the "why re-invent the wheel" philosophy of development and just started looking into leveraging Grails Spring Security Plugin.
Found this great article on quick start with Spring Security: http://sysgears.com/articles/spring-security-grails-plugin-quick-start-and-some-tips
Here's what I've done thus far:
1. Modify my BuildConfig.groovy to include Spring Security:
plugins {
build ":tomcat:$grailsVersion"
compile ":spring-security-core:1.2.7.3"
compile ":twitter-bootstrap:2.1.1"
compile ":resources:1.1.6"
runtime ":hibernate:$grailsVersion"
}
2.Run s2-quickstart:
s2-quickstart com.philiptenn.security User Role Requestmap
3. Refactored the generated Controllers LoginController and LogoutController so that they are in the com.philiptenn.security package.
4. Customized Password algorithm to SHA-512:
grails.plugins.springsecurity.password.algorithm='SHA-512'
I feel like this is just scratching the surface. I ended up running into questions and needed to post on StackOverflow: Grails Spring Security Custom UserDetailsService (goal of email in place of username).
No comments:
Post a Comment