0
votes

I'm trying to secure a simple Grails app. I'm pulling my hair out trying to authenticate with an admin user created in BootStrap.groovy.

BootStrap.groovy:

class BootStrap {
    def springSecurityService

    def init = { servletContext ->

        def userRole = SecRole.findByAuthority('ROLE_USER') ?: new SecRole(authority: 'ROLE_USER').save(failOnError: true)
        def adminRole = SecRole.findByAuthority('ROLE_ADMIN') ?: new SecRole(authority: 'ROLE_ADMIN').save(failOnError: true)
        def adminUser = SecUser.findByUsername('admin') ?: new SecUser(username: 'admin', password: 'admin', enabled: true).save(failOnError: true)

        println(userRole.all)
        println(adminRole.getAuthority())
        println(adminUser.getUsername())

        if (!adminUser.authorities.contains(adminRole)) {
            SecUserSecRole.create(adminUser, adminRole)
        }

    }

    def destroy = {
    }
}

Controller:

import grails.plugin.springsecurity.annotation.Secured;

class EmployeeController {

    @Secured(['ROLE_ADMIN'])
    def index() { 
        render "Some things are just private"
    }
//  def scaffold = true
}

Config.groovy:

// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'SecUser.SecRole'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'SecUser.SecRoleReqeustmap'
grails.plugin.springsecurity.authority.className = 'SecUser.Reqeustmap'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    '/':                              ['permitAll'],
    '/index':                         ['permitAll'],
    '/index.gsp':                     ['permitAll'],
    '/assets/**':                     ['permitAll'],
    '/**/js/**':                      ['permitAll'],
    '/**/css/**':                     ['permitAll'],
    '/**/images/**':                  ['permitAll'],
    '/employee/**':                   ['permitAll'],
    '/**/favicon.ico':                ['permitAll']
]

URLMapping.groovy:

class UrlMappings {

    static mappings = {
        "/$controller/$action?/$id?(.$format)?"{
            constraints {
                // apply constraints here
            }
        }

        "/"(view:"/index")
        "500"(view:'/error')
        "/login/$action?"(controller:"login")
        "/logout/$action?"(controller:"logout")
    }
}

Database.groovy:

environments {
    development {
        dataSource {
            dbCreate = "create-drop" // one of 'create', 'create-drop', 'update', 'validate', ''
            //url = "jdbc:h2:mem:devDb;MVCC=TRUE;LOCK_TIMEOUT=10000;DB_CLOSE_ON_EXIT=FALSE"
            url = "jdbc:mysql://localhost:3306/test?autoreconnect=true"
        }
    }

......

I added debugging, but nothing of value shows up.

What am I missing? When I get the default user login/auth page and I put in admin/admin credentials, the application keeps returning with "Sorry not able to find user with that...."

Thank you in advance

Using the techniques identified in the post, I got the following results. I added the event handler directly to the config, and it shed some more light on the error:

uthentication.ProviderManager – Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
ERROR auth failed for user admin: The specified user domain class ‘SecUser.SecRole’ is not a domain class
2014-09-30 18:48:43,076 [http-bio-9191-exec-6] DEBUG rememberme.TokenBasedRememberMeServices – Interactive login attempt was unsuccessful.
2014-09-30 18:48:43,076 [http-bio-9191-exec-6] DEBUG rememberme.TokenBasedRememberMeServices – Cancelling cookie
2014-09-30 18:48:43,099 [http-bio-9191-exec-6] DEBUG web.DefaultRedirectStrategy – Redirecting to ‘/shareRef/login/authfail?login_error=1′

I’m not sure why springsecurity indicates that SecUser.SecRole is not a domain class.

I have a SecUserSecRole domain class that was automagically created after running the grails s2 script.

1 Answers

0
votes

I did a couple of blog posts describing some techniques you can use to diagnose issues like this - check out http://burtbeckwith.com/blog/?p=2003 and http://burtbeckwith.com/blog/?p=2029
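
The check below is an added example, not part of the question or the answer: a plain Groovy script that parses the three class-name settings from the posted Config.groovy and reports which ones do not name a domain class, which is the condition behind the "is not a domain class" error in the log. It assumes the domain classes are the ones BootStrap.groovy uses (`SecUser`, `SecRole`, `SecUserSecRole`) in the default package; `checkSecurityConfig` and the "corrected" values are hypothetical and follow from that assumption.

```groovy
// Added example. Run with: groovy checkSecurityConfig.groovy

// Settings as posted in the question's Config.groovy.
String posted = '''
grails.plugin.springsecurity.userLookup.userDomainClassName = 'SecUser.SecRole'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'SecUser.SecRoleReqeustmap'
grails.plugin.springsecurity.authority.className = 'SecUser.Reqeustmap'
'''

// Assumed correction: each key names the class that plays that role.
String corrected = '''
grails.plugin.springsecurity.userLookup.userDomainClassName = 'SecUser'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'SecUserSecRole'
grails.plugin.springsecurity.authority.className = 'SecRole'
'''

// Assumption: the domain classes referenced in BootStrap.groovy, default package.
Set<String> domainClasses = ['SecUser', 'SecRole', 'SecUserSecRole'] as Set

// Setting (relative to grails.plugin.springsecurity) -> role of the class it names.
Map<String, String> required = [
    'userLookup.userDomainClassName'   : 'user',
    'userLookup.authorityJoinClassName': 'user/role join',
    'authority.className'              : 'role (authority)'
]

// Returns one status line per required setting.
List<String> checkSecurityConfig(String text, Set<String> known, Map<String, String> keys) {
    // flatten() turns the nested ConfigObject into dotted keys such as
    // 'userLookup.userDomainClassName'.
    Map flat = new ConfigSlurper().parse(text).grails.plugin.springsecurity.flatten()
    keys.collect { key, purpose ->
        def value = flat[key]
        if (!value) {
            "MISSING  ${key}: no ${purpose} class configured".toString()
        } else if (!(value in known)) {
            "INVALID  ${key} = '${value}' is not a domain class (${purpose})".toString()
        } else {
            "OK       ${key} = '${value}' (${purpose})".toString()
        }
    }
}

println '--- as posted ---'
checkSecurityConfig(posted, domainClasses, required).each { println it }
println '--- corrected (assumed class names) ---'
checkSecurityConfig(corrected, domainClasses, required).each { println it }
```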