grails / grails-spring-security-core Goto Github PK

View Code? Open in Web Editor NEW

258.0 36.0 223.0 32.11 MB

Grails Spring Security Core Plugin

License: Apache License 2.0

Groovy 74.03% Shell 2.91% JavaScript 0.40% CSS 21.17% Batchfile 1.49%

grails grails-plugins spring-security

grails-spring-security-core's Introduction

Grails Spring Security Core Plugin

See documentation for further information.

Branch structure

6.0.x compatible with Grails 6
5.0.x compatible with Grails 5
4.0.x compatible with Grails 4
3.3.x compatible with Grails 3.3.x
3.2.x compatible with Grails 3.2.x

grails-spring-security-core's People

Contributors

Stargazers

Watchers

Forkers

burtbeckwith huncent colinharrington arshiakhan adrian0cg marcusb cyrilruel spither basejump shamill phillco pedjak doelleri euvitudo troii shipf delight aaronzirbes etcpe9 rlovtangen bdinka psoares texeltek joneilloine asoftwareguy ftaiolivista srattans cdeszaq robz4643 procserve vinco luque shahedhossain ctoestreich briley joerinehart toy zyro23 hrishikeshjoshi0 nobeans spark85 hocondoimeo orlandobcrra ravikarmasphere arcesino groovyfans sivareddy-cc yamkazu vinodpanicker davinsimmons lavandowska gpinkham uilian jbovet emmanuj sarbogast bluesliverx msriper27 mustafakarabat arief-hidayat makotokameda cruzer45 ssxenon01 tcrossland danveloper chinarosten beckje01 gilaw mgkimsal th3morg jsolari56 timyates trygvea ducnv82 jdpgrailsdev pbb6w7 jshickey prakashcbe mchristianson cesarizu davydotcom abharatiya kenheb youhunt mifi raghebkhaseeb lhotari mattnicolls micronax tedder kaajavi evaldotcjunior juanfgr jukinmediainc compstak kipriz peipito shashikant4u pergravgaard thm068

grails-spring-security-core's Issues

GPSPRINGSECURITYCORE-13: in SpringSecurityCoreGrailsPlugin, configureAuthenticationProcessingFilter reads the wrong config value

Original Reporter: rabrab
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.3
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-13

in SpringSecurityCoreGrailsPlugin.groovy,

alwaysCreateSession = conf.sessionFixationPrevention.alwaysCreate // false
should be:
alwaysCreateSession = conf.sessionFixationPrevention.alwaysCreateSession // false

This is either a bug in SpringSecurityCoreGrailsPlugin.groovy, or the documentation and Config.groovy of SpringSecurityCoreGrailsPlugin are faulty.
Pick one ;-)

GPSPRINGSECURITYCORE-26: Spring Security Core and UI conflict over jquery version?

Original Reporter: seanoc5
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-26

When I added spring-security-ui (to get add/remove users and such), it installed jquery 1.4.2.5 (along with related jquery-ui).

On compile or run-app, I get a (grails) message asking if I want to 'upgrade' from 1.4.2.5 to 1.4.2.4. I finally agreed to upgrade/downgrade, and now I get the following error messages:

Dependencies resolved in 855ms.
Running script /usr/local/grails/scripts/RunApp.groovy
Environment set to development
[groovyc] Compiling 1 source file to /home/sean/.grails/1.3.3/projects/sdrprep/plugin-classes
[native2ascii] Warning: messages.properties modified in the future.
[native2ascii] Converting 1 file from /home/sean/.grails/1.3.3/projects/sdrprep/plugins/jquery-ui-1.8.4/grails-app/i18n to /home/sean/.grails/1.3.3/projects/sdrprep/resources/plugins/jquery-ui-1.8.4/grails-app/i18n
Error: The following plugins failed to load due to missing dependencies: [springSecurityUi]

Plugin: springSecurityUi, Dependencies: [springSecurityCore, mail, jquery, jqueryUi, famfamfam]

and my plugin list is:

Plugins available in the grailsCore repository are listed below:

dummy <> --
hibernate <1.3.4> -- Hibernate for Grails
tomcat <1.3.4> -- Apache Tomcat plugin for Grails
webflow <1.3.4> -- Spring Web Flow Plugin

Plug-ins you currently have installed are listed below:

bubbling 2.1.2 -- Bubbling Library YUI Extension
famfamfam 1.0.1 -- Silk icons from famfamfam.com
grails-ui 1.2-SNAPSHOT -- Grails UI
hibernate 1.3.3 -- Hibernate for Grails
jquery 1.4.2.4 -- JQuery for Grails
jquery-ui 1.8.4 -- jQuery UI resources
mail 0.9 -- Provides Mail support to a running Grails application
spring-security-core1.0.1 -- Spring Security Core Plugin
spring-security-ui 0.1.1 -- User interface extensions for the Spring Security plugin.
tomcat 1.3.3 -- Apache Tomcat plugin for Grails
webflow 1.3.1 -- Spring Web Flow Plugin
yui 2.7.0.1 -- Yahoo! User Interface Library (YUI)

I assume the problem is a conflict in the jquery version required?
Thanks,

Sean

GPSPRINGSECURITYCORE-55: Update Spring Security to 3.0.3

Original Reporter: burtbeckwith
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-55

GPSPRINGSECURITYCORE-46: add static methods to get User Information (like public static Subject getSubject() in shiro)

Original Reporter: livelock
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-46

unfortunatley spring security core does not have a static means to get the principal, people not used to acegi may have difficulties finding out how to get it from the security context holder
can can we have a static methods returning

the principal return org.springframework.security.core.context.SecurityContextHolder.context.authentication.principal
the User according to the generated class
User.get(org.springframework.security.core.context.SecurityContextHolder.context.authentication.principal.id)

or have the above documented in a "static", non DI section

GPSPRINGSECURITYCORE-42: filter setup breaks functional tests: "'openIDAuthenticationFilter' is already registered"

Original Reporter: marcusb
Environment: Grails 1.3.4, OpenJDK, Debian Linux
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-42

When running both "test-app" with both integration and functional tests, it tries to configure Spring Security twice. The second time will fail when the OpenID plugin tries to install a filter again:
{code}
Welcome to Grails 1.3.4 - http://grails.org/
Licensed under Apache Standard License 2.0
Grails home is set to: /home/marcus/grails

Base Directory: /home/marcus/grails-bugs/security-config-test-app
Resolving dependencies...
:: problems summary ::
:::: WARNINGS
namespace not found for javax.servlet#servlet-api;2.5: maven2

Dependencies resolved in 3294ms.
Running script /home/marcus/grails/scripts/TestApp.groovy
Environment set to test
[mkdir] Created dir: /home/marcus/grails-bugs/security-config-test-app/target/test-reports/html
[mkdir] Created dir: /home/marcus/grails-bugs/security-config-test-app/target/test-reports/plain

Starting unit test phase ...

Starting integration test phase ...
[copy] Copying 1 file to /home/marcus/grails-bugs/security-config-test-app/target/test-classes/integration
[copy] Copying 1 file to /home/marcus/grails-bugs/security-config-test-app/target/classes

Configuring Spring Security ...
Configuring Spring Security OpenID ...

Starting functional test phase ...
Running Grails application..

Configuring Spring Security ...
Configuring Spring Security OpenID ...
2010-09-21 14:25:14,684 [main] ERROR context.ContextLoader - Context initialization failed
org.springframework.beans.factory.access.BootstrapException: Error executing bootstraps; nested exception is java.lang.IllegalArgumentException: Cannot register filter 'openIDAuthenticationFilter' at position 900; 'openIDAuthenticationFilter' is already registered in that position
at org.codehaus.groovy.grails.web.context.GrailsContextLoader.createWebApplicationContext(GrailsContextLoader.java:87)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3961)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4456)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:722)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
{code}

GPSPRINGSECURITYCORE-17: Spring Security Core Plugin 1.0.1 doesn't work when the app-engine plugin is installed

Original Reporter: [email protected]
Environment: linux ubuntu, sts-2.5.0.M3, grails 1.3.4
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-17

The Spring Security Core Plugin 1.0.1 doesn't work when the app-engine plugin is installed. The following error appears when running the grails app (grails run-app):

Configuring Spring Security ...
[java] 19-Sep-2010 22:57:02 com.google.apphosting.utils.jetty.JettyLogger warn
[java] WARNING: Failed startup of context com.google.apphosting.utils.jetty.DevAppEngineWebAppContext@1ac7057c{/,/home/raoul/Documents/workspace-sts-2.5.0.M3/TestSecurity3/web-app}
[java] org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationUserDetailsService': Cannot resolve reference to bean 'userDetailsService' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userDetailsService': Cannot resolve reference to bean 'sessionFactory' while setting bean property 'sessionFactory'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'sessionFactory' is defined
[java] at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
[java] at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
[java] at org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:621)
[java] at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:143)
[java] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:993)
[java] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:897)
[java] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)
[java] at org.codehaus.groovy.grails.commons.spring.ReloadAwareAutowireCapableBeanFactory.doCreateBean(ReloadAwareAutowireCapableBeanFactory.java:105)
[java] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
[java] at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
[java] at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
[java] at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
[java] at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
[java] at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:574)
[java] at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
[java] at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
[java] at org.codehaus.groovy.grails.commons.spring.DefaultRuntimeSpringConfiguration.getApplicationContext(DefaultRuntimeSpringConfiguration.java:154)
[java] at org.codehaus.groovy.grails.commons.spring.GrailsRuntimeConfigurator.configure(GrailsRuntimeConfigurator.java:162)
[java] at org.codehaus.groovy.grails.commons.spring.GrailsRuntimeConfigurator.configure(GrailsRuntimeConfigurator.java:122)
[java] at org.codehaus.groovy.grails.web.context.GrailsConfigUtils.configureWebApplicationContext(GrailsConfigUtils.java:119)
[java] at org.codehaus.groovy.grails.web.context.GrailsContextLoader.createWebApplicationContext(GrailsContextLoader.java:73)
[java] at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
[java] at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
[java] at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548)
[java] at org.mortbay.jetty.servlet.Context.startContext(Context.java:136)
[java] at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1250)
[java] at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517)
[java] at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:467)
[java] at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
[java] at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
[java] at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
[java] at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
[java] at org.mortbay.jetty.Server.doStart(Server.java:224)
[java] at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
[java] at com.google.appengine.tools.development.JettyContainerService.startContainer(JettyContainerService.java:185)
[java] at com.google.appengine.tools.development.AbstractContainerService.startup(AbstractContainerService.java:147)
[java] at com.google.appengine.tools.development.DevAppServerImpl.start(DevAppServerImpl.java:219)
[java] at com.google.appengine.tools.development.DevAppServerMain$StartAction.apply(DevAppServerMain.java:164)
[java] at com.google.appengine.tools.util.Parser$ParseResult.applyArgs(Parser.java:48)
[java] at com.google.appengine.tools.development.DevAppServerMain.(DevAppServerMain.java:113)
[java] at com.google.appengine.tools.development.DevAppServerMain.main(DevAppServerMain.java:89)

GPSPRINGSECURITYCORE-5: Spring Security Plugin (ver 0.3.1) - Annotations are not working at the controller level

Original Reporter: amitjain
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.3.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-5

Annotations are working at the action level but when given at the controller level, they do not work.

My contoller looks like this:

import grails.plugins.springsecurity.Secured

@secured(['ROLE_ADMIN','ROLE_SUPER_ADMIN'])
class BillingController {...}

On server startup I am also getting the following Exception :

2010-07-01 12:02:34,751 [main] ERROR plugins.DefaultGrailsPluginManager - Error configuring dynamic methods for plugin [springSecurityCore:0.3.1]: EL1041E:(pos 5): After parsing a valid expression, there is still more data in the expression: 'ADMIN'
org.springframework.expression.spel.SpelParseException: EL1041E:(pos 5): After parsing a valid expression, there is still more data in the expression: 'ADMIN'
at SpringSecurityCoreGrailsPlugin$_closure3.doCall(SpringSecurityCoreGrailsPlugin.groovy:454)
at org.grails.tomcat.TomcatServer.start(TomcatServer.groovy:164)
at grails.web.container.EmbeddableServer$start.call(Unknown Source)
at _GrailsRun_groovy$_run_closure5_closure12.doCall(_GrailsRun_groovy:159)
at _GrailsRun_groovy$_run_closure5_closure12.doCall(_GrailsRun_groovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_GrailsSettings_groovy:282)
at _GrailsSettings_groovy$_run_closure10.call(_GrailsSettings_groovy)
at _GrailsRun_groovy$_run_closure5.doCall(_GrailsRun_groovy:150)
at _GrailsRun_groovy$_run_closure5.call(_GrailsRun_groovy)
at _GrailsRun_groovy.runInline(_GrailsRun_groovy:116)
at _GrailsRun_groovy.this$4$runInline(_GrailsRun_groovy)
at _GrailsRun_groovy$_run_closure1.doCall(_GrailsRun_groovy:59)
at RunApp$_run_closure1.doCall(RunApp.groovy:33)
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:381)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy:415)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this$2$withBuildListeners(Gant.groovy)
at gant.Gant$this$2$withBuildListeners.callCurrent(Unknown Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this$2$dispatch(Gant.groovy)
at gant.Gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589)

GPSPRINGSECURITYCORE-1: Documentation on 11 Custom UserDetailsService

Original Reporter: dominikschuermann
Environment: Grails 1.3.4
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-1

Documentation on http://burtbeckwith.github.com/grails-spring-security-core/docs/manual/guide/11%20Custom%20UserDetailsService.html is not fully correct.

I had to import the following classes to get MyUserDetailsService working:

{code}
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserDetailsService
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUser
import org.springframework.security.core.userdetails.UsernameNotFoundException
{code}

GPSPRINGSECURITYCORE-61: STS cannot infer available attributes from Spring Security tags

Original Reporter: pledbrook
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-61

GPSPRINGSECURITYCORE-3: Single Authentication Entry Point Per Application

Original Reporter: ibusse
Environment: Ubuntu 10.04, Grails 1.3.3
Version: Grails-Spring-Security-Core 0.4.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-3

Plugin creates a single bean 'authenticationEntryPoint' being either form based, basic, digest or x509 authentication. Therefore a grails application can use only one of these authentication methods. Same holds for 'exceptionTranslationFilter'. There is only one defined referencing this 'authenticationEntryPoint'.

In addition it is not possible to reference own beans from within security configuration variables, e.g. to integrate a filter defined in resource.groovy using the grails.plugins.springsecurity.filterChain.chainMap variable. Results in exception 'No bean with that name'. It seems that the beans defined in resource.groovy are constructed only after the security component needs it.

Workaround: Need to check, may be define separate authenticationEntryPoint and exceptionTranslationFilter in resource.groovy and replace the filter chain therein as well.

GPSPRINGSECURITYCORE-12: Reloading issue when Grails domain object change

Original Reporter: bodiam
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.3.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-12

There seems to be a reloading issue in the Grails security core plugin. Every time I change a domain class, or something else to trigger a reload, the reloading works fine, but one my next request (I only tested with unprotected as well as with protected controllers), the validation fails:

{code}
2010-06-21 18:28:27,161 [http-8080-1] ERROR [/allseas-ui].[default] - Servlet.service() for servlet default threw exception
java.lang.NullPointerException
at org.codehaus.groovy.grails.plugins.springsecurity.AnnotationFilterInvocationDefinition.determineUrl(AnnotationFilterInvocationDefinition.java:77)
at org.codehaus.groovy.grails.plugins.springsecurity.AbstractFilterInvocationDefinition.getAttributes(AbstractFilterInvocationDefinition.java:76)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:171)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:112)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
at org.codehaus.groovy.grails.plugins.springsecurity.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:40)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.codehaus.groovy.grails.plugins.springsecurity.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.codehaus.groovy.grails.web.servlet.filter.GrailsReloadServletFilter.doFilterInternal(GrailsReloadServletFilter.java:104)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doFilterInternal(GrailsWebRequestFilter.java:67)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:63)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:637)
2010-06-21 18:28:28,086 [Thread-447] INFO plugins.DefaultGrailsPlug
{code}

So my guess is that the UrlMapping is not loaded correctly, but I am far from an expert on the Grails internals. If you want more info, or want me to test something, please let me know!

Some relevant sections from my Config:

{code}
// Added by the Spring Security Core plugin:
grails.plugins.springsecurity.userLookup.userDomainClassName = 'com.nidera.risk.allseas.User'
grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'com.nidera.risk.allseas.UserRole'
grails.plugins.springsecurity.authority.className = 'com.nidera.risk.allseas.Role'

// Only use crowd when in online mode
if(allseas.authorization.crowd) {
grails.plugins.springsecurity.providerNames = ['crowdAuthenticationProvider']
}

grails.plugins.springsecurity.voterNames = [
'roleVoter', 'authenticatedVoter'
]
{code}

And my resources.xml

{code}
if (CH.config.allseas.authorization.crowd) {

   crowdAuthenticationProvider(RemoteCrowdAuthenticationProvider, ref('crowdAuthenticationManager'), ref('httpAuthenticator'), ref('userDetailsService'))

   userDetailsService(CrowdUserDetailsServiceImpl) {
       authenticationManager = ref("crowdAuthenticationManager")
       groupMembershipManager = ref("crowdGroupMembershipManager")
       userManager = ref("crowdUserManager")
   }

}

roleVoter(RoleVoter) { rolePrefix = "" }

authenticatedVoter(AuthenticatedVoter)
{code}

I'm running Grails 1.3.2 on a Mac 10.6.4. If you need anything to help to reproduce, let me know!

GPSPRINGSECURITYCORE-58: Document /login/authAjax URL for unauthenticated AJAX request

Original Reporter: pledbrook
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-58

GPSPRINGSECURITYCORE-23: Spring security plugin not throwing events

Original Reporter: kalarani
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.4
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-23

Unable to catch AuthenticationEvents (like, AuthenticationSuccessEvent, AuthenticationFailureBadCredentialsEvent, etc.,) in the listeners, while using Grails-Spring-Security-Core 0.4.

P.S:

The ProviderManager is initialized with a NullEventPublisher by default and hence none of the events were thrown. Injecting DefaultAuthenticationEventPublisher should solve the issue.

GPSPRINGSECURITYCORE-40: Incorrect property _log in GormPersistentTokenRepository.groovy

Original Reporter: gfdickinson
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-40

GPSPRINGSECURITYCORE-25: GormUserDetailsService does not use PersonAuthority properly

Original Reporter: dewarim
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.4.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-25

Class org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService

Collection<?> userAuthorities = user."$authoritiesPropertyName"
def authorities = userAuthorities.collect { new GrantedAuthorityImpl(it."$authorityPropertyName") }

When using the PersonAuthority-Class "UserRole", it."${authorityPropertyName}" will cause an exception as that class does not have a matching getter.
It should be something like it."${authorityJoinClassName}"."${authorityPropertyName}".

I guess it worked in an older version without a PersonAuthority-class while accessing the Authorities directly (in ch. 4.1, the User class has a getter which returns Authority-objects instead of PersonAuthority).

GPSPRINGSECURITYCORE-28: The actual filterNames property differs from the documented one ('grails.plugins.springsecurity.filterChain.filterNames' vs 'grails.plugins.springsecurity.filterNames')

Original Reporter: davide.cavestro
Environment: Debian GNU/Linux squeeze/sid, SUN jdk 1.6.0_22, Groovy 1.7.4, Grails 1.3.4, Spring Security Core 1.0.1
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-28

Hi,
I guess the plugin loads filter names from {{grails.plugins.springsecurity}}{{.filterChain}}{{.filterNames}}, instead of {{grails.plugins.springsecurity.filterNames}} (that is the property referenced in the documentation [Filters chapter|http://burtbeckwith.github.com/grails-spring-security-core/docs/manual/guide/single.html#16%20Filters]).

Here you are a snippet from SpringSecurityCoreGrailsPlugin.groovy
{code:title=SpringSecurityCoreGrailsPlugin.groovy|borderStyle=solid}

...
def conf = SpringSecurityUtils.securityConfig
...
SortedMap<Integer, String> filterNames = findFilterChainNames(conf)
...

private SortedMap<Integer, String> findFilterChainNames(conf) {
SortedMap<Integer, String> orderedNames = new TreeMap()

// if the user listed the names, use those
def filterNames = conf.filterChain.filterNames
if (filterNames) {
...
{code}

I could be missing something, but I've seen at least that\

{{findFilterChainNames(conf)}} is invoked passing a {{SpringSecurityUtils.securityConfig}} reference

the documented property seems ignored

if I set {{grails.plugins.springsecurity}}{{.filterChain}}{{.filterNames}} everything works fine (i.e. I obtain the right behavior).\

Kind regards
Davide

PS: I've created this issue against the 1.0 version, cause I've not found a 1.0.1 one for the plugin component (but there are two 1.0... maybe it's a typo).
I also noticed that the 'grails.plugins.springsecurity.filterChain.chainMap' property example ends with a comma (maybe a typo?).
Many thanks for such great plugins:-)

GPSPRINGSECURITYCORE-63: Allow users to set their own roleVoter prefix.

Original Reporter: john.moeller
Environment: Windows XP, Grails 1.3.2,
Version: Grails-Spring-Security-Core 1.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-63

GPSPRINGSECURITYCORE-36: AjaxAwareAuthenticationFailureHandler does not save exception for Ajax requests resulting in inability of LoginController to respond with error message

Original Reporter: mschlobo
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-36

AjaxAwareAuthenticationFailureHandler does not save exception for Ajax requests resulting in inability of LoginController to respond with error message

Adding the line "super.saveException(request, exception);" at "// HERE" in the snippet below seems to resolve this problem.

{code}
if (SpringSecurityUtils.isAjax(request)) {
// HERE
getRedirectStrategy().sendRedirect(request, response, _ajaxAuthenticationFailureUrl);
}
else {
super.onAuthenticationFailure(request, response, exception);
}
{code}

GPSPRINGSECURITYCORE-33: Documentation should explicitly state that portMapper.httpPort and portMapper.httpsPort must be string values.

Original Reporter: rabrab
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.4.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-33

This is unclear in the documentation and gives no error message at startup. However, very strange behaviour will follow at runtime, you'll end up in redirect loops.

When setting these in your config.groovy, you NEED to use quotes, because values MUST be strings.
grails.plugins.springsecurity.portMapper.httpPort = "8080"
grails.plugins.springsecurity.portMapper.httpsPort = "8443"

If you do this:
grails.plugins.springsecurity.portMapper.httpPort = 8080
grails.plugins.springsecurity.portMapper.httpsPort = 8443
you'll get no error message, but redirect loops when you call a REQUIRES_SECURE_CHANNEL -URL with http://...
Instead of redirecting it to https://... there will be a redirect loop.

GPSPRINGSECURITYCORE-31: Mongodb-1.0.0.M1 plugin usage with spring-security-core plugin fails

Original Reporter: nisabek
Environment: MongoDB 1.6.3, Windows 7
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-31

Hi,

A couple of days ago a new Mongo integration plugin has been anounced - Mongodb-1.0.0.M1. It works fine when installed alone, but as soon as I install the spring-security-core plugin and start the application it gives me an exception on start-up: please see first attachement - SpringSecurityError.txt

I used the standart spring-security-core installation with the example application setup.

I supposed that it is connected with the SpringSecurityCore plugin using some services as transactional. I created my custom MyUserDetailsService class (implemented it from GrailsUserDetailsService), configured it in resources.groovy as a bean, and put it as transactional = false.

The application managed to start without any exceptions, but as soon as I enter the LoginController (created by the SSC plugin) and try to login with any username and password I get an exception (Please see the second attachement: MongoException.txt)

Then goes the interesting part: when I refresh the page of login/auth, and then try to login again, and this time I do not get any exception.

Then I refresh the page again....and get the exception again...

I tried to debug the codes - the org.springframework.datastore.mapping.mongo.MongoDatastore.java and figured that when I refresh the page it enters the createSession(Map<String, String> connectionDetails) several times and puts the session into the pool of sessions, then it enters clearCurrentConnection() method of org.springframework.datastore.mapping.core.AbstrtactDatastore.java again several times and sets the pool connection to null, then again enters createSession...and so on.

In some of the refresh cases the last clearCurrentConnection is not being called and the I do not get the exception.

Could you please have a look and help me figure this out.

Thanks in advance,
Nune.

GPSPRINGSECURITYCORE-41: GrailsUser.groovy assumes that domain object IDs are long

Original Reporter: stscherer
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.2
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-41

I have a domain model that uses Strings for object IDs (uuid).
Currently grails blows up when a user tries to authenticate.


Configuring Spring Security ...
Server running. Browse to http://localhost:8080/idcentral
2010-05-06 20:53:50,785 [http-8080-3] ERROR [/idcentral].[default]  - Servlet.service() for servlet default threw exception
groovy.lang.GroovyRuntimeException: Could not find matching constructor for: org.codehaus.groovy.grails.plugins.springsecurity.GrailsUser(java.lang.String, java.lang.String, java.lang.Boolean, java.lang.Boolean, java.lang.Boolean, java.lang.Boolean, java.util.ArrayList, java.lang.String)
    at groovy.lang.MetaClassImpl.invokeConstructor(MetaClassImpl.java:1484)
...

I'm a novice, but it seems like just adding an additional constructor (w/ String as last arg) to the class would solve the issue. I've patched for now by doing the following:

Place a modified copy of GrailsUser.groovy in my project src/groovy.
Modified the class to expect and return a String.

FWIW - I'm very excited about the new plugin; patiently waiting for ACLs :)
-Steve

GPSPRINGSECURITYCORE-14: Cannot do AJAX call on secured url

Original Reporter: crivera
Environment: windows grails 1.3.3
Version: Grails-Spring-Security-Core 1.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-14

I created a new Grails Project and installed spring security core plugin.

Everything works fine but when i try to make an AJAX call to a secured url it returns the login template html.

here is pseudo code:

Ajax.Get("http://localhost:8080/myApp/secured/personInfo/1")

i tried to add the jsessionId like this but it doesnt work

Ajax.Get("http://localhost:8080/myApp/secured/personInfo/1;jsessionId=123")

this also means that no browsers that have their cookies disabled can use these websites...

thanks
chris

GPSPRINGSECURITYCORE-49: Request to support useSecureCookie on RememberMe cookie

Original Reporter: jshingler
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-49

Spring Security 3.0.3 added SetUseSecureCookie to the AbstractRememberMeService.

please add support in Grails Spring Security.

GPSPRINGSECURITYCORE-52: Document how to specify multiple rules for a Requestmap

Original Reporter: pledbrook
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-52

The documentation gives an example of how to create {{Requestmap}} instances, but it does not explain how to provide multiple rules per {{Requestmap}}, e.g.
{code}
new Requestmap(url:'/admin/**', configAttribute: 'ROLE_ADMIN,IS_AUTHENTICATED_FULLY').save()
{code}

GPSPRINGSECURITYCORE-16: grails s2-quickstart hangs and then hangs all grails commands until uninstalled

Original Reporter: virtualpt
Environment: I am running under Windows XP with Grails 1.3.0
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-16

I have tried to follow the Grails Spring Security Core tutorial in the official documentation. I have installed the latest version 0.4.1.

When I run 'grails s2-quickstart com.testapp User Role' the script hangs just after showing Base Directory: C:\dev\java_dev\sectest, I can then run no other grails commands, they all hang at the same place.

Example usage:
C:\dev\java_dev\sectest>grails install-plugin spring-security-core
Welcome to Grails 1.3.0 - http://grails.org/
Licensed under Apache Standard License 2.0
Grails home is set to: C:\grails-1.3.0

Base Directory: C:\dev\java_dev\sectest
Resolving dependencies...
Dependencies resolved in 844ms.
Running script C:\grails-1.3.0\scripts\InstallPlugin.groovy
Environment set to development
Resolving plugin spring-security-core. Please wait...

Installing zip C:\Documents and Settings\Paul.ivy2\cache\org.grails.plugins\spr
ing-security-core\zips\spring-security-core-0.4.1.zip... ...
[mkdir] Created dir: C:\Documents and Settings\Paul.grails\1.3.0\projects\s
ectest\plugins\spring-security-core-0.4.1
[unzip] Expanding: C:\Documents and Settings\Paul.ivy2\cache\org.grails.plu
gins\spring-security-core\zips\spring-security-core-0.4.1.zip into C:\Documents
and Settings\Paul.grails\1.3.0\projects\sectest\plugins\spring-security-core-0.
4.1
Installed plugin spring-security-core-0.4.1 to location C:\Documents and Setting
s\Paul.grails\1.3.0\projects\sectest\plugins/spring-security-core-0.4.1. ...
Resolving plugin JAR dependencies ...
Executing spring-security-core-0.4.1 plugin post-install script ...

You've installed the Spring Security Core plugin. *

Next run the "s2-quickstart" script to initialize *
Spring Security and create your domain classes. *

Plugin spring-security-core-0.4.1 installed

Plugin provides the following new scripts:

grails s2-create-persistent-token
grails s2-quickstart
C:\dev\java_dev\sectest>grails s2-quickstart com.javacoda.sectest SecUser SecRol
e
Welcome to Grails 1.3.0 - http://grails.org/
Licensed under Apache Standard License 2.0
Grails home is set to: C:\grails-1.3.0

Base Directory: C:\dev\java_dev\sectest

Ctrl C here after several minutes
Terminate batch job (Y/N)? y

GPSPRINGSECURITYCORE-10: CLONE -Spring security plugin not throwing events

Original Reporter: daniel_henrique
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.4
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-10

Unable to catch AuthenticationEvents (like, AuthenticationSuccessEvent, AuthenticationFailureBadCredentialsEvent, etc.,) in the listeners, while using Grails-Spring-Security-Core 0.4.

P.S:

The ProviderManager is initialized with a NullEventPublisher by default and hence none of the events were thrown. Injecting DefaultAuthenticationEventPublisher should solve the issue.

GPSPRINGSECURITYCORE-50: configuration provisions for custom remember-me services

Original Reporter: stoicflame
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-50

We need to be able to supply a custom implementation of {{org.springframework.security.web.authentication.RememberMeServices}} because we've got some custom cookies that we need to support for integration with a legacy system. Same kind of problem as [this guy|http://stackoverflow.com/questions/2608372/spring-security-rememberme-services-with-session-cookie].

I currently can't see any provisions for custom remember-me services in the spring-security-core plugin.

GPSPRINGSECURITYCORE-20: Services not injected to User domain class

Original Reporter: samcarr
Environment: OS X, Java 1.6, Grails 1.3.2
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-20

GPSPRINGSECURITYCORE-35: Spring Security Core Plugin cannot use secondary Datasource of Datasources Plugin

Original Reporter: thomasbee
Environment: Windows XP, Grails 1.3.3., mySQL Community Server 5.1.46
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-35

The Spring Security Core Plugin's User, Role and UserRole classes cannot be mapped to a secondary datasource configured using the Datasources plugin. When mapping the aforementioned entities to a secondary datasource configured in Datasources.groovy, the Security Plugin keeps querying the primary datasource configured in DataSource.groovy.

This can be easily reproduced with the attached report. Create two databases foo1 / foo2 with according users. The attachment is the working configuration. Change the line in Datasources.groovy to move domain classes to the secondary datasource. As long as the same user still exists in the primary datasource, one can still login. Change that user's password in the primary DB (or delete him) and one can no longer login.

GPSPRINGSECURITYCORE-8: Error on domain class change in development mode

Original Reporter: willy
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.2
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-8

When changing and saving domain class source code in development mode (i.e. when Grails tries to reload the app) I get the following error and the app is terminated:

e2010-05-11 23:49:04,773 [main] ERROR context.GrailsContextLoader - Error executing bootstraps: Error creating bean with name 'filterInvocationInterceptor': Cannot resolve reference to bean 'objectDefinitionSource' while setting bean property 'objectDefinitionSource'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'objectDefinitionSource' is defined
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'filterInvocationInterceptor': Cannot resolve reference to bean 'objectDefinitionSource' while setting bean property 'objectDefinitionSource'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'objectDefinitionSource' is defined
at org.grails.tomcat.TomcatServer.start(TomcatServer.groovy:164)
at grails.web.container.EmbeddableServer$start.call(Unknown Source)
at grails.web.container.EmbeddableServer$start.call(Unknown Source)
at _GrailsRun_groovy$_run_closure5_closure12.doCall(_GrailsRun_groovy:159)
at _GrailsRun_groovy$_run_closure5_closure12.doCall(_GrailsRun_groovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_GrailsSettings_groovy:282)
at _GrailsSettings_groovy$_run_closure10.call(_GrailsSettings_groovy)
at _GrailsRun_groovy$_run_closure5.doCall(_GrailsRun_groovy:150)
at _GrailsRun_groovy$_run_closure5.call(_GrailsRun_groovy)
at _GrailsRun_groovy.runInline(_GrailsRun_groovy:116)
at _GrailsRun_groovy.this$4$runInline(_GrailsRun_groovy)
at _GrailsRun_groovy$_run_closure1.doCall(_GrailsRun_groovy:59)
at _GrailsRun_groovy$_run_closure8_closure14.doCall(_GrailsRun_groovy:261)
at _GrailsRun_groovy$_run_closure8_closure14.doCall(_GrailsRun_groovy)
at _GrailsPackage_groovy$_run_closure8.doCall(_GrailsPackage_groovy:301)
at _GrailsPackage_groovy$_run_closure8.call(_GrailsPackage_groovy)
at _GrailsRun_groovy$_run_closure8.doCall(_GrailsRun_groovy:243)
at RunApp$_run_closure1.doCall(RunApp.groovy:35)
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:381)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy:415)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this$2$withBuildListeners(Gant.groovy)
at gant.Gant$this$2$withBuildListeners.callCurrent(Unknown Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this$2$dispatch(Gant.groovy)
at gant.Gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589)
Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'objectDefinitionSource' is defined
... 29 more

GPSPRINGSECURITYCORE-11: Conflict of Spring Security Core Config with CloudFoundryDeploy deploy script

Original Reporter: willy
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-11

This line in Config.groovy:

grails.plugins.springsecurity.securityConfigType = grails.plugins.springsecurity.SecurityConfigType.Requestmap

causes the following error when running 'grails cloud-foundry-deploy':

Error executing script CloudFoundryDeploy: grails.plugins.springsecurity.SecurityConfigType
java.lang.NoClassDefFoundError: grails.plugins.springsecurity.SecurityConfigType
at Config.class$(Config.groovy)
at Config.$get$$class$grails$plugins$springsecurity$SecurityConfigType(Config.groovy)
at Config.run(Config.groovy:91)
at _GrailsPackage_groovy$_run_closure1.doCall(_GrailsPackage_groovy:52)
at _CloudFoundryBase_groovy$_run_closure1.doCall(_CloudFoundryBase_groovy:26)
at _CloudFoundryBase_groovy$_run_closure5.doCall(_CloudFoundryBase_groovy:121)
at CloudFoundryDeploy$_run_closure1.doCall(CloudFoundryDeploy:5)
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:381)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy:415)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this$2$withBuildListeners(Gant.groovy)
at gant.Gant$this$2$withBuildListeners.callCurrent(Unknown Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this$2$dispatch(Gant.groovy)
at gant.Gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589)
Error executing script CloudFoundryDeploy: grails.plugins.springsecurity.SecurityConfigType

GPSPRINGSECURITYCORE-7: Not able to catch UsernameNotFoundException

Original Reporter: kalarani
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.4.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-7

GPSPRINGSECURITYCORE-67: Consider changing default password column name to something other than "password"

Original Reporter: stscherer
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.3.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-67

"password" is a reserved word in Oracle.

http://download.oracle.com/docs/cd/B16240_01/doc/install.102/e10953/app_oracle_reserved_words.htm

It appears that to workaround this, in the class template mapping, you have used backticks to somehow bypass the Oracle constraint. This is fine for when hibernate accesses the table, but outside Grails/Hibernate, it makes working with the table impossible (such as SQL*Plus scripts or a data conversion script that uses Groovy SQL).

Caught: java.sql.SQLSyntaxErrorException: ORA-00904: "PASSWORD": invalid identifier

Of course I have modified my domain class mapping to use a different column name (e.g. "passwd"), so I am fine with that; just thinking that with all the Oracle users out there, choosing an Oracle-friendly default would be very cool...

Thanks again for all your good work.
-Steve

GPSPRINGSECURITYCORE-54: Better docs for salted password

Original Reporter: burtbeckwith
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-54

GPSPRINGSECURITYCORE-4: SpringSecurityService is not injected in BootStrap.groovy

Original Reporter: jpaschoud
Environment: Ubuntu 10.4 / Netbean 6.9.1 / Grails 1.3.4
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-4

Hi,

In my "BootStrap.groovy" I want to create user statically. In order to do that and according to the tutorial, one should create a user the following way:

{code}

def init = { servletContext ->

def springSecurityService

def person = new User  (username:     "sbob"
                           ,userRealName: "Sponge Bob"
                           ,email:        "[email protected]"
                           ,description:  "Bob's Account"
                           ,passwd:       springSecurityService.encodePassword("Password")
                           ,enabled:      true
                           ).save(failOnError:true)

...
{code}

"User" class being a sub-class of "SecUser" (the class generated by the "plug-in")

When I try to run my application, I systematically get an "Error executing bootstraps: Cannot invoke method encodePassword() on null object" which leads me to think that the SpringSecurityService is not injected.

Any help would be very welcome.

Regards Jerome

GPSPRINGSECURITYCORE-38: Default LoginController does not handle failed AJAX login correctly

Original Reporter: pledbrook
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-38

If an authentication attempt via AJAX fails, no error message is selected and hence the {{LoginController.authfail}} action renders the JSON string {{{"error": ""}}}.

To see what I mean, unpack the attached project and run it. Then go to {{/login/auth}} and log in with the username "peter", password "password". In another tab, go to the home page and sign out. Now go back to the other tab and try to post a message. An AJAX login form will pop up. Enter some incorrect credentials and attempt to log in. The correct error message is not displayed.

GPSPRINGSECURITYCORE-22: grails s2-create-persistent-token script fails due to missing fullClassName property

Original Reporter: kristox
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.4.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-22

When going through the the openid tutorial, we noticed that the following
command fails

grails s2-create-persistent-token com.openidtest.PersistentLogin

with

groovy.lang.MissingPropertyException: No such property: fullClassName for
class: S2CreatePersistentToken
at
S2CreatePersistentToken$_updateConfig_closure2.doCall(S2CreatePersistentToken:63)
at S2CreatePersistentToken.updateConfig(S2CreatePersistentToken:61)
...

Simple workaround is to ignore the error and update Config.java manually with grails.plugins.springsecurity.rememberMe.persistentToken.domainClassName = yourClassName

GPSPRINGSECURITYCORE-62: Reload changes to 'static map' config in Spring Security plugin

Original Reporter: pledbrook
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.4
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-62

GPSPRINGSECURITYCORE-60: Allow use of controller,action,parameters with sec:access

Original Reporter: pred
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-60

Allow use of [controller/action?/parameters?] could lead to a better DRY design for security rules used in both controller and views.
For instance :

{code}
UserController{
@secured("ROLE_ADMIN")
def delete = {...}
}
{code}

{code}
<sec:access controller='user' action='delete'>
<g:link ...>
/sec:access
{code}

GPSPRINGSECURITYCORE-27: Username field in login form isn't focussed on page load

Original Reporter: willy
Environment: Not Specified
Version: Grails-Spring-Security-Core 0.2
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-27

auth.gsp contains the following code at the bottom

document.forms['loginForm'].elements['username'].focus();

This actually should be

document.forms['loginForm'].elements['j_username'].focus();

GPSPRINGSECURITYCORE-97: Pure LDAP authentication failes when Spring Security is not the default namespace in resources.xml

Original Reporter: gregturn
Environment: Windows XP, Grails 1.2-M2, Spring Security 2.0.4, using resources.xml to define Security components
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-97

Just went through Spring Security, thinking it was a bug in their system (https://jira.springsource.org/browse/SEC-1244), and confirmed it was not. This is a Grails bug.

I coded a pure LDAP authentication/authorization solution (no DAO entities) with the following XML configuration.

security:http
<security:intercept-url pattern="/**" access="ROLE_USER" />
<security:form-login />
<security:anonymous />
<security:http-basic />
<security:logout />
/security:http
<security:ldap-server url=""/>
<security:ldap-authentication-provider user-dn-pattern="uid={0},ou=people"/>

/beans:beans

This generated the error message:

2009-09-10 12:32:42,328 [main] ERROR [localhost].[/] - Exception sending context initialized event to listener instance of class org.codehaus.groovy.grails.web.context.GrailsContextLoaderListener org.springframework.beans.factory.access.BootstrapException: Error executing bootstraps; nested exception is org.springframework.security.config.SecurityConfigurationException: No SpringSecurityContextSource instances found. Have you added an element to your application context?

I altered resources.xml to make security namespace the default...

<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">

/beans:beans

Everything works now!

I know this isn't a Spring Security issue, because I just ran a pure Java/Swing application using this configuration:

<context:component-scan base-package="<scrubbed packagename>"/>

<bean id="securityAspect" class="<scrubbed classname>" factory-method="aspectOf">
    <property name="securityInterceptor"><ref bean="securityInterceptor"/></property>
</bean>

<security:ldap-server url="<scrubbed url>"/>
<security:ldap-authentication-provider user-dn-pattern="uid={0},ou=people"/>
<security:authentication-manager alias="authenticationManager"/>

<context:load-time-weaver/>

GPSPRINGSECURITYCORE-59: Add getAuthenticatedUser metaclass method to controllers

Original Reporter: burtbeckwith
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-59

GPSPRINGSECURITYCORE-57: Upgrade grails spring-security-core from spring security 3.0.3 to 3.0.4

Original Reporter: hloeblich
Environment: Any
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-57

The current release of Grails Spring Security Core 1.0.1 has dependencies for Spring Security 3.0.3, and a newer release(3.0.4) is available.

Upgrading the grails plugin to use the latest spring security would be much appreciated as bugfixes in this release would be helpful to me.

GPSPRINGSECURITYCORE-43: Addition of non-subclass of RoleVoter

Original Reporter: richkroll
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-43

GPSPRINGSECURITYCORE-21: integration tests fail with "Spring Security is disabled, not loading"

Original Reporter: marcusb
Environment: Grails 1.3.4, OpenJDK 6, Debian Linux x86_64
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-21

Integration tests have started to fail in my application with "grails test-app". The output says "Spring Security is disabled, not loading" during integration test phase, which causes the tests to fail since various beans cannot be instantiated.

The weird thing is that everything works with "grails test-app integration:" (running only the integration tests).

I use Spring Security Core, UI, OpenID and OAuth consumer plugins, the last one is a locally hacked version (I plan to submit some of the work). There might be something wrong with the OAuth plugin or my changes, since it all used to work before I added the OAuth plugin.

Here are the plugins I use:
{code}
app.grails.version=1.3.4
app.servlet.version=2.4
app.version=0.1
plugins.app-info=0.3
plugins.auto-test=0.1
plugins.code-coverage=1.1.8
plugins.codenarc=0.6.1
plugins.cometd=0.2.1
plugins.dynamic-controller=0.2.1
plugins.famfamfam=1.0.1
plugins.google-visualization=0.2.2
plugins.hibernate=1.3.4
plugins.include=0.3
plugins.jquery=1.4.2.5
plugins.jquery-ui=1.8.2.4
plugins.mail=0.9
plugins.quartz=0.4.2
plugins.spring-events=1.0
plugins.spring-security-core=1.0.1
plugins.spring-security-oauth-consumer=0.1
plugins.spring-security-openid=1.0
plugins.spring-security-ui=0.1.1
plugins.tomcat=1.3.4
{code}

Output from failing test run:
{code}
$ grails test-app
Welcome to Grails 1.3.4 - http://grails.org/
Licensed under Apache Standard License 2.0
Grails home is set to: /home/marcus/grails

Base Directory: /home/marcus/myproj/myproj
Resolving dependencies...
:: problems summary ::
:::: WARNINGS
namespace not found for javax.servlet#servlet-api;2.5: maven2

Dependencies resolved in 9326ms.
Running script /home/marcus/grails/scripts/TestApp.groovy
Environment set to test
Loading user property file /home/marcus/build.properties
[mkdir] Created dir: /home/marcus/myproj/myproj/target/test-reports/html
[mkdir] Created dir: /home/marcus/myproj/myproj/target/test-reports/plain

Starting unit test phase ...
[mkdir] Created dir: /home/marcus/myproj/myproj/target/test-classes/unit
[groovyc] Compiling 27 source files to /home/marcus/myproj/myproj/target/test-classes/unit

Running 104 unit tests...
Running test FooBarTests...PASSED

Tests Completed in 19224ms ...

Tests passed: 102

Tests failed: 1

Starting integration test phase ...
Loading user property file /home/marcus/build.properties
Unable to load specified config location classpath:myproj-config.groovy : class path resource [myproj-config.groovy] cannot be opened because it does not exist
2010-09-02 09:27:09,718 [main] INFO plugins.DefaultGrailsPluginManager - Attempting to load [0] user defined plugins
2010-09-02 09:27:11,596 [main] INFO cfg.Environment - Hibernate 3.3.1.GA
2010-09-02 09:27:11,659 [main] INFO cfg.Environment - hibernate.properties not found
2010-09-02 09:27:11,664 [main] INFO cfg.Environment - Bytecode provider name : javassist
2010-09-02 09:27:11,696 [main] INFO cfg.Environment - using JDK 1.4 java.sql.Timestamp handling
2010-09-02 09:27:12,969 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [logging] with version [1.3.4] loaded successfully
2010-09-02 09:27:12,969 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [filters] with version [1.3.4] loaded successfully
2010-09-02 09:27:12,969 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [core] with version [1.3.4] loaded successfully
2010-09-02 09:27:12,978 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [urlMappings] with version [1.3.4] loaded successfully
2010-09-02 09:27:12,978 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [codecs] with version [1.3.4] loaded successfully
2010-09-02 09:27:12,978 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [servlets] with version [1.3.4] loaded successfully
2010-09-02 09:27:12,978 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [i18n] with version [1.3.4] loaded successfully
2010-09-02 09:27:12,979 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [jquery] with version [1.4.2.5] loaded successfully
2010-09-02 09:27:12,979 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [dynamicController] with version [0.2.1] loaded successfully
2010-09-02 09:27:13,008 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [codeCoverage] with version [1.1.8] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [autoTest] with version [0.1] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [famfamfam] with version [1.0.1] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [mail] with version [0.9] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [tomcat] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [codenarc] with version [0.6.1] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [cometd] with version [0.2.1] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springEvents] with version [1.0] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [googleVisualization] with version [0.2.2] loaded successfully
2010-09-02 09:27:13,009 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [gmetrics] with version [0.2.1] loaded successfully
2010-09-02 09:27:13,011 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [jqueryUi] with version [1.8.2.4] loaded successfully
2010-09-02 09:27:13,013 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [appInfo] with version [0.3] loaded successfully
2010-09-02 09:27:13,013 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [include] with version [0.3] loaded successfully
2010-09-02 09:27:13,014 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [dataSource] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,015 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [controllers] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,015 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [groovyPages] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,015 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [scaffolding] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,018 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [mimeTypes] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,018 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [domainClass] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,021 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [hibernate] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,022 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [services] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,022 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [validation] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,022 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [converters] with version [1.3.4] loaded successfully
2010-09-02 09:27:13,022 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityCore] with version [1.0.1] loaded successfully
2010-09-02 09:27:13,022 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [quartz] with version [0.4.2] loaded successfully
2010-09-02 09:27:13,023 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityOpenid] with version [1.0] loaded successfully
2010-09-02 09:27:13,023 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityOauthConsumer] with version [0.1] loaded successfully
2010-09-02 09:27:13,024 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityUi] with version [0.1.1] loaded successfully
2010-09-02 09:27:14,944 [main] INFO spring.GrailsWebApplicationContext - Refreshing org.codehaus.groovy.grails.commons.spring.GrailsWebApplicationContext@6cea6c99: startup date [Thu Sep 02 09:27:14 CEST 2010]; root of context hierarchy
2010-09-02 09:27:15,042 [main] INFO support.DefaultListableBeanFactory - Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@48719726: defining beans [grailsApplication,pluginManager,grailsResourceLoader,resourceHolder]; root of factory hierarchy
2010-09-02 09:27:18,510 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
Loading user property file /home/marcus/build.properties
Unable to load specified config location classpath:myproj-config.groovy : class path resource [myproj-config.groovy] cannot be opened because it does not exist
2010-09-02 09:27:19,127 [main] INFO plugins.DefaultGrailsPluginManager - Attempting to load [0] user defined plugins
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [logging] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [filters] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [core] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [urlMappings] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [codecs] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [servlets] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [i18n] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [jquery] with version [1.4.2.5] loaded successfully
2010-09-02 09:27:19,251 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [dynamicController] with version [0.2.1] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [codeCoverage] with version [1.1.8] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [autoTest] with version [0.1] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [famfamfam] with version [1.0.1] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [mail] with version [0.9] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [tomcat] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [codenarc] with version [0.6.1] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [cometd] with version [0.2.1] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springEvents] with version [1.0] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [googleVisualization] with version [0.2.2] loaded successfully
2010-09-02 09:27:19,252 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [gmetrics] with version [0.2.1] loaded successfully
2010-09-02 09:27:19,253 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [jqueryUi] with version [1.8.2.4] loaded successfully
2010-09-02 09:27:19,254 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [appInfo] with version [0.3] loaded successfully
2010-09-02 09:27:19,254 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [include] with version [0.3] loaded successfully
2010-09-02 09:27:19,254 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [dataSource] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,254 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [controllers] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,254 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [groovyPages] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,254 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [scaffolding] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,256 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [mimeTypes] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,256 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [domainClass] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,259 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [hibernate] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,260 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [services] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,260 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [validation] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,260 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [converters] with version [1.3.4] loaded successfully
2010-09-02 09:27:19,260 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityCore] with version [1.0.1] loaded successfully
2010-09-02 09:27:19,260 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [quartz] with version [0.4.2] loaded successfully
2010-09-02 09:27:19,260 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityOpenid] with version [1.0] loaded successfully
2010-09-02 09:27:19,260 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityOauthConsumer] with version [0.1] loaded successfully
2010-09-02 09:27:19,262 [main] INFO plugins.DefaultGrailsPluginManager - Grails plug-in [springSecurityUi] with version [0.1.1] loaded successfully
2010-09-02 09:27:19,285 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,286 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,287 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,288 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,288 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,288 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,292 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,293 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,300 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,304 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,305 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,305 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,305 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,339 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,374 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,375 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,378 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,378 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,378 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,379 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,394 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,395 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,405 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,411 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,411 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,412 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,412 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,479 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,615 [main] INFO jndi.SimpleNamingContextBuilder - Activating simple JNDI environment
2010-09-02 09:27:19,820 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,821 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,841 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,864 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,882 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,905 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: org.codehaus.groovy.grails.plugins.web.taglib.FormTagLib.g:out vs. org.codehaus.groovy.grails.plugins.web.taglib.RenderTagLib.g:out. The former will take precedence.
2010-09-02 09:27:19,905 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,919 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: org.codehaus.groovy.grails.plugins.web.taglib.FormTagLib.g:out vs. org.codehaus.groovy.grails.plugins.web.taglib.RenderTagLib.g:out. The former will take precedence.
2010-09-02 09:27:19,919 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,935 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: org.codehaus.groovy.grails.plugins.web.taglib.FormTagLib.g:out vs. org.codehaus.groovy.grails.plugins.web.taglib.RenderTagLib.g:out. The former will take precedence.
2010-09-02 09:27:19,935 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:19,952 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: org.codehaus.groovy.grails.plugins.web.taglib.FormTagLib.g:out vs. org.codehaus.groovy.grails.plugins.web.taglib.RenderTagLib.g:out. The former will take precedence.
2010-09-02 09:27:19,952 [main] INFO commons.TagLibArtefactHandler - There are conflicting tags: JQueryTagLib.jq:pluginManager vs. JQueryResourceTagLib.jq:pluginManager. The former will take precedence.
2010-09-02 09:27:23,012 [main] INFO hibernate.HibernatePluginSupport - Set db generation strategy to 'update'

Spring Security is disabled, not loading

2010-09-02 09:27:24,914 [main] INFO xml.XmlBeanDefinitionReader - Loading XML bean definitions from URL [file:./grails-app/conf/spring/resources.xml]
2010-09-02 09:27:25,892 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.context.annotation.internalConfigurationAnnotationProcessor': replacing [Root bean: class [org.springframework.context.annotation.ConfigurationClassPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.context.annotation.ConfigurationClassPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,892 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.context.annotation.internalAutowiredAnnotationProcessor': replacing [Root bean: class [org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,892 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.context.annotation.internalRequiredAnnotationProcessor': replacing [Root bean: class [org.springframework.beans.factory.annotation.RequiredAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.beans.factory.annotation.RequiredAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,892 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.context.annotation.internalCommonAnnotationProcessor': replacing [Root bean: class [org.springframework.context.annotation.CommonAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.context.annotation.CommonAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,892 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.context.annotation.internalPersistenceAnnotationProcessor': replacing [Root bean: class [org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,894 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.aop.config.internalAutoProxyCreator': replacing [Root bean: class [org.springframework.aop.framework.autoproxy.InfrastructureAdvisorAutoProxyCreator]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.aop.framework.autoproxy.InfrastructureAdvisorAutoProxyCreator]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,894 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.transaction.annotation.AnnotationTransactionAttributeSource#0': replacing [Root bean: class [org.springframework.transaction.annotation.AnnotationTransactionAttributeSource]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.transaction.annotation.AnnotationTransactionAttributeSource]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,894 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.transaction.interceptor.TransactionInterceptor#0': replacing [Root bean: class [org.springframework.transaction.interceptor.TransactionInterceptor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.transaction.interceptor.TransactionInterceptor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,894 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'org.springframework.transaction.config.internalTransactionAdvisor': replacing [Root bean: class [org.springframework.transaction.interceptor.BeanFactoryTransactionAttributeSourceAdvisor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Root bean: class [org.springframework.transaction.interceptor.BeanFactoryTransactionAttributeSourceAdvisor]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,894 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'sessionAuthenticationStrategy': replacing [Generic bean: class [org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,894 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'httpHostConfiguration': replacing [Generic bean: class [org.apache.commons.httpclient.HostConfiguration]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.apache.commons.httpclient.HostConfiguration]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,894 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'linkedInAuthenticationProvider': replacing [Generic bean: class [org.codehaus.groovy.grails.plugins.springsecurity.oauth.OAuthAuthenticationProvider]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.codehaus.groovy.grails.plugins.springsecurity.oauth.OAuthAuthenticationProvider]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,895 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'openIDAuthProvider': replacing [Generic bean: class [org.springframework.security.openid.OpenIDAuthenticationProvider]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.springframework.security.openid.OpenIDAuthenticationProvider]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,895 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'httpClient': replacing [Generic bean: class [org.apache.commons.httpclient.HttpClient]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.apache.commons.httpclient.HttpClient]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,895 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'httpConnectionManager': replacing [Generic bean: class [org.apache.commons.httpclient.MultiThreadedHttpConnectionManager]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.apache.commons.httpclient.MultiThreadedHttpConnectionManager]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,895 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'concurrentSessionFilter': replacing [Generic bean: class [org.springframework.security.web.session.ConcurrentSessionFilter]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.springframework.security.web.session.ConcurrentSessionFilter]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,895 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'sessionRegistry': replacing [Generic bean: class [org.springframework.security.core.session.SessionRegistryImpl]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.springframework.security.core.session.SessionRegistryImpl]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,895 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Overriding bean definition for bean 'twitterAuthenticationProvider': replacing [Generic bean: class [org.codehaus.groovy.grails.plugins.springsecurity.oauth.OAuthAuthenticationProvider]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null] with [Generic bean: class [org.codehaus.groovy.grails.plugins.springsecurity.oauth.OAuthAuthenticationProvider]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]
2010-09-02 09:27:25,935 [main] INFO spring.GrailsWebApplicationContext - Refreshing org.codehaus.groovy.grails.commons.spring.GrailsWebApplicationContext@1bb57655: startup date [Thu Sep 02 09:27:25 CEST 2010]; parent: org.codehaus.groovy.grails.commons.spring.GrailsWebApplicationContext@6cea6c99
2010-09-02 09:27:26,952 [main] INFO spring.GrailsWebApplicationContext - Bean 'org.springframework.transaction.annotation.AnnotationTransactionAttributeSource#0' is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2010-09-02 09:27:26,955 [main] INFO spring.GrailsWebApplicationContext - Bean 'org.springframework.transaction.config.internalTransactionAdvisor' is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2010-09-02 09:27:27,774 [main] INFO dialect.Dialect - Using dialect: org.hibernate.dialect.HSQLDialect
2010-09-02 09:27:28,105 [main] INFO annotations.Version - Hibernate Annotations 3.4.0.GA
2010-09-02 09:27:28,191 [main] INFO common.Version - Hibernate Commons Annotations 3.1.0.GA
2010-09-02 09:27:28,621 [main] INFO cfg.AnnotationConfiguration - Hibernate Validator not found: ignoring
2010-09-02 09:27:28,622 [main] INFO hibernate.ConfigurableLocalSessionFactoryBean - Building new Hibernate SessionFactory
2010-09-02 09:27:28,633 [main] INFO search.HibernateSearchEventListenerRegister - Unable to find org.hibernate.search.event.FullTextIndexEventListener on the classpath. Hibernate Search is not enabled.
2010-09-02 09:27:28,796 [main] INFO connection.ConnectionProviderFactory - Initializing connection provider: org.springframework.orm.hibernate3.TransactionAwareDataSourceConnectionProvider
2010-09-02 09:27:28,798 [main] INFO cfg.SettingsFactory - RDBMS: HSQL Database Engine, version: 1.8.0
2010-09-02 09:27:28,798 [main] INFO cfg.SettingsFactory - JDBC driver: HSQL Database Engine Driver, version: 1.8.0
2010-09-02 09:27:28,798 [main] INFO dialect.Dialect - Using dialect: org.hibernate.dialect.HSQLDialect
2010-09-02 09:27:28,799 [main] INFO transaction.TransactionFactoryFactory - Transaction strategy: org.springframework.orm.hibernate3.SpringTransactionFactory
2010-09-02 09:27:28,800 [main] INFO transaction.TransactionManagerLookupFactory - No TransactionManagerLookup configured (in JTA environment, use of read-write or transactional second-level cache is not recommended)
2010-09-02 09:27:28,800 [main] INFO cfg.SettingsFactory - Automatic flush during beforeCompletion(): disabled
2010-09-02 09:27:28,800 [main] INFO cfg.SettingsFactory - Automatic session close at end of transaction: disabled
2010-09-02 09:27:28,800 [main] INFO cfg.SettingsFactory - JDBC batch size: 15
2010-09-02 09:27:28,800 [main] INFO cfg.SettingsFactory - JDBC batch updates for versioned data: disabled
2010-09-02 09:27:28,801 [main] INFO cfg.SettingsFactory - Scrollable result sets: enabled
2010-09-02 09:27:28,801 [main] INFO cfg.SettingsFactory - JDBC3 getGeneratedKeys(): disabled
2010-09-02 09:27:28,801 [main] INFO cfg.SettingsFactory - Connection release mode: auto
2010-09-02 09:27:28,802 [main] INFO cfg.SettingsFactory - Default batch fetch size: 1
2010-09-02 09:27:28,802 [main] INFO cfg.SettingsFactory - Generate SQL with comments: disabled
2010-09-02 09:27:28,802 [main] INFO cfg.SettingsFactory - Order SQL updates by primary key: disabled
2010-09-02 09:27:28,802 [main] INFO cfg.SettingsFactory - Order SQL inserts for batching: disabled
2010-09-02 09:27:28,802 [main] INFO cfg.SettingsFactory - Query translator: org.hibernate.hql.ast.ASTQueryTranslatorFactory
2010-09-02 09:27:28,851 [main] INFO ast.ASTQueryTranslatorFactory - Using ASTQueryTranslatorFactory
2010-09-02 09:27:28,851 [main] INFO cfg.SettingsFactory - Query language substitutions: {}
2010-09-02 09:27:28,852 [main] INFO cfg.SettingsFactory - JPA-QL strict compliance: disabled
2010-09-02 09:27:28,852 [main] INFO cfg.SettingsFactory - Second-level cache: disabled
2010-09-02 09:27:28,852 [main] INFO cfg.SettingsFactory - Query cache: disabled
2010-09-02 09:27:28,852 [main] INFO cfg.SettingsFactory - Cache region factory : org.hibernate.cache.impl.NoCachingRegionFactory
2010-09-02 09:27:28,852 [main] INFO cfg.SettingsFactory - Optimize cache for minimal puts: disabled
2010-09-02 09:27:28,852 [main] INFO cfg.SettingsFactory - Structured second-level cache entries: disabled
2010-09-02 09:27:28,859 [main] INFO cfg.SettingsFactory - Statistics: disabled
2010-09-02 09:27:28,859 [main] INFO cfg.SettingsFactory - Deleted entity synthetic identifier rollback: disabled
2010-09-02 09:27:28,860 [main] INFO cfg.SettingsFactory - Default entity-mode: pojo
2010-09-02 09:27:28,860 [main] INFO cfg.SettingsFactory - Named query checking : enabled
2010-09-02 09:27:29,011 [main] INFO impl.SessionFactoryImpl - building session factory
2010-09-02 09:27:29,925 [main] INFO impl.SessionFactoryObjectFactory - Factory name: org.codehaus.groovy.grails.orm.hibernate.ConfigurableLocalSessionFactoryBean
2010-09-02 09:27:29,928 [main] INFO util.NamingHelper - JNDI InitialContext properties:{}
2010-09-02 09:27:29,952 [main] INFO jndi.SimpleNamingContext - Static JNDI binding: [org.codehaus.groovy.grails.orm.hibernate.ConfigurableLocalSessionFactoryBean] = [org.hibernate.impl.SessionFactoryImpl@7e85132f]
2010-09-02 09:27:29,952 [main] INFO impl.SessionFactoryObjectFactory - Bound factory to JNDI name: org.codehaus.groovy.grails.orm.hibernate.ConfigurableLocalSessionFactoryBean
2010-09-02 09:27:29,954 [main] WARN impl.SessionFactoryObjectFactory - InitialContext did not implement EventContext
2010-09-02 09:27:30,021 [main] INFO hbm2ddl.SchemaUpdate - Running hbm2ddl schema update
2010-09-02 09:27:30,021 [main] INFO hbm2ddl.SchemaUpdate - fetching database metadata
2010-09-02 09:27:30,093 [main] INFO hbm2ddl.SchemaUpdate - updating schema
2010-09-02 09:27:30,121 [main] INFO hbm2ddl.DatabaseMetadata - table not found: // ... trimmed ...
2010-09-02 09:27:30,150 [main] INFO hbm2ddl.SchemaUpdate - schema update complete
2010-09-02 09:27:30,179 [main] INFO hibernate.GrailsHibernateTransactionManager - Using DataSource [org.springframework.jdbc.datasource.TransactionAwareDataSourceProxy@4687ace0] of Hibernate SessionFactory for HibernateTransactionManager
2010-09-02 09:27:30,457 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Pre-instantiating singletons in org.codehaus.groovy.grails.commons.spring.ReloadAwareAutowireCapableBeanFactory@3d6bc07a: defining beans [org.springframework.context.annotation.internalConfigurationAnnotationProcessor,
// ... trimmed ...
2010-09-02 09:27:30,741 [main] INFO spring.ReloadAwareAutowireCapableBeanFactory - Destroying singletons in org.codehaus.groovy.grails.commons.spring.ReloadAwareAutowireCapableBeanFactory@3d6bc07a: defining beans [org.springframework.context.annotation.internalConfigurationAnnotationProcessor,
// ... trimmed ...
2010-09-02 09:27:30,768 [main] INFO hibernate.ConfigurableLocalSessionFactoryBean - Closing Hibernate SessionFactory
2010-09-02 09:27:30,769 [main] INFO impl.SessionFactoryImpl - closing
2010-09-02 09:27:30,769 [main] INFO impl.SessionFactoryObjectFactory - Unbinding factory from JNDI name: org.codehaus.groovy.grails.orm.hibernate.ConfigurableLocalSessionFactoryBean
2010-09-02 09:27:30,769 [main] INFO util.NamingHelper - JNDI InitialContext properties:{}
2010-09-02 09:27:30,769 [main] INFO jndi.SimpleNamingContext - Static JNDI remove: [org.codehaus.groovy.grails.orm.hibernate.ConfigurableLocalSessionFactoryBean]
2010-09-02 09:27:30,769 [main] INFO impl.SessionFactoryObjectFactory - Unbound factory from JNDI name: org.codehaus.groovy.grails.orm.hibernate.ConfigurableLocalSessionFactoryBean
[junitreport] Processing /home/marcus/myproj/myproj/target/test-reports/TESTS-TestSuites.xml to /tmp/null1905733408
[junitreport] Loading stylesheet jar:file:/home/marcus/.ivy2/cache/org.apache.ant/ant-junit/jars/ant-junit-1.7.1.jar!/org/apache/tools/ant/taskdefs/optional/junit/xsl/junit-frames.xsl
[junitreport] Transform time: 2482ms
[junitreport] Deleting: /tmp/null1905733408

Tests FAILED - view reports in target/test-reports
Error executing script TestApp: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'linkedInAuthenticationProvider': Cannot create inner bean '(inner bean)' of type [org.codehaus.groovy.grails.plugins.springsecurity.oauth.linkedin.LinkedInUserDetailsService] while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Cannot resolve reference to bean 'oauthConsumerSupport' while setting bean property 'oAuthConsumerSupport'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'oauthConsumerSupport' is defined
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'linkedInAuthenticationProvider': Cannot create inner bean '(inner bean)' of type [org.codehaus.groovy.grails.plugins.springsecurity.oauth.linkedin.LinkedInUserDetailsService] while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Cannot resolve reference to bean 'oauthConsumerSupport' while setting bean property 'oAuthConsumerSupport'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'oauthConsumerSupport' is defined
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:391)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy:415)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this$2$withBuildListeners(Gant.groovy)
at gant.Gant$this$2$withBuildListeners.callCurrent(Unknown Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this$2$dispatch(Gant.groovy)
at gant.Gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'linkedInAuthenticationProvider': Cannot create inner bean '(inner bean)' of type [org.codehaus.groovy.grails.plugins.springsecurity.oauth.linkedin.LinkedInUserDetailsService] while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Cannot resolve reference to bean 'oauthConsumerSupport' while setting bean property 'oAuthConsumerSupport'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'oauthConsumerSupport' is defined
at _GrailsBootstrap_groovy$_run_closure2_closure12.doCall(_GrailsBootstrap_groovy:95)
at _GrailsBootstrap_groovy$_run_closure2_closure12.doCall(_GrailsBootstrap_groovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_GrailsSettings_groovy:280)
at _GrailsSettings_groovy$_run_closure10.call(_GrailsSettings_groovy)
at _GrailsBootstrap_groovy$_run_closure2.doCall(_GrailsBootstrap_groovy:87)
at _GrailsBootstrap_groovy$_run_closure6.doCall(_GrailsBootstrap_groovy:144)
at _GrailsTest_groovy$_run_closure9.doCall(_GrailsTest_groovy:309)
at _GrailsTest_groovy$_run_closure9.doCall(_GrailsTest_groovy)
at _GrailsTest_groovy$_run_closure1_closure21.doCall(_GrailsTest_groovy:181)
at _GrailsTest_groovy$_run_closure1.doCall(_GrailsTest_groovy:171)
at TestApp$_run_closure1.doCall(TestApp.groovy:101)
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:381)
... 10 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Cannot resolve reference to bean 'oauthConsumerSupport' while setting bean property 'oAuthConsumerSupport'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'oauthConsumerSupport' is defined
... 22 more
Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'oauthConsumerSupport' is defined
... 22 more
{code}

GPSPRINGSECURITYCORE-47: Provide a methode to expose user details from authenticate service to new threads

Original Reporter: mrgraf_hh
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-47

See
http://grails.1312388.n4.nabble.com/authenticateService-acegi-not-fully-initialized-when-using-background-thread-plugin-tt2294298.html#a2294298
for the discussion.

Thanks!
Thomas

GPSPRINGSECURITYCORE-34: compile error during compilation with javac

Original Reporter: rekhanagamani
Environment: Debian OS
Version: Grails-Spring-Security-Core 0.3.1
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-34

i want to install spring security core plugin to my grails application,
but when i run the grails s2-quickstart script i am getting compilation error follows, i am getting the same error even in acegi security plugin.

Running script /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/scripts/S2Quickstart.groovy
Environment set to development
[groovyc] Compiling 30 source files to /root/.grails/1.3.1/projects/Rekha/plugin-classes
[groovyc] org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
[groovyc] Compile error during compilation with javac.
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/AbstractFilterInvocationDefinition.java:110: cannot find symbol
[groovyc] symbol : method isTraceEnabled()
[groovyc] location: class org.apache.log4j.Logger
[groovyc] if (_log.isTraceEnabled()) {
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/AbstractFilterInvocationDefinition.java:111: cannot find symbol
[groovyc] symbol : method trace(java.lang.String)
[groovyc] location: class org.apache.log4j.Logger
[groovyc] _log.trace("new candidate for '" + url + "': '" + pattern
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/AbstractFilterInvocationDefinition.java:118: cannot find symbol
[groovyc] symbol : method isTraceEnabled()
[groovyc] location: class org.apache.log4j.Logger
[groovyc] if (_log.isTraceEnabled()) {
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/AbstractFilterInvocationDefinition.java:120: cannot find symbol
[groovyc] symbol : method trace(java.lang.String)
[groovyc] location: class org.apache.log4j.Logger
[groovyc] _log.trace("no config for '" + url + "'");
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/AbstractFilterInvocationDefinition.java:123: cannot find symbol
[groovyc] symbol : method trace(java.lang.String)
[groovyc] location: class org.apache.log4j.Logger
[groovyc] _log.trace("config for '" + url + "' is '" + configAttributePattern + "':" + configAttributes);
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/AnnotationFilterInvocationDefinition.java:177: cannot find symbol
[groovyc] symbol : method isTraceEnabled()
[groovyc] location: class org.apache.log4j.Logger
[groovyc] if (_log.isTraceEnabled()) _log.trace("configs: " + getConfigAttributeMap());
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/AnnotationFilterInvocationDefinition.java:177: cannot find symbol
[groovyc] symbol : method trace(java.lang.String)
[groovyc] location: class org.apache.log4j.Logger
[groovyc] if (_log.isTraceEnabled()) _log.trace("configs: " + getConfigAttributeMap());
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/RequestmapFilterInvocationDefinition.java:58: cannot find symbol
[groovyc] symbol : method isTraceEnabled()
[groovyc] location: class org.apache.log4j.Logger
[groovyc] if (_log.isTraceEnabled()) _log.trace("configs: " + getConfigAttributeMap());
[groovyc] ^
[groovyc] /root/.grails/1.3.1/projects/Rekha/plugins/spring-security-core-0.3.1/src/java/org/codehaus/groovy/grails/plugins/springsecurity/RequestmapFilterInvocationDefinition.java:58: cannot find symbol
[groovyc] symbol : method trace(java.lang.String)
[groovyc] location: class org.apache.log4j.Logger
[groovyc] if (_log.isTraceEnabled()) _log.trace("configs: " + getConfigAttributeMap());
[groovyc] ^
[groovyc] 9 errors
[groovyc]
[groovyc]
[groovyc] 1 error
: Compilation Failed
at org.codehaus.groovy.ant.Groovyc.compile(Groovyc.java:843)
at org.codehaus.groovy.ant.Groovyc.execute(Groovyc.java:550)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
at _GrailsCompile_groovy$_run_closure4_closure10.doCall(_GrailsCompile_groovy:118)
at _GrailsCompile_groovy$_run_closure4_closure10.doCall(_GrailsCompile_groovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_GrailsSettings_groovy:282)
at _GrailsSettings_groovy$_run_closure10.call(_GrailsSettings_groovy)
at _GrailsCompile_groovy$_run_closure4.doCall(_GrailsCompile_groovy:105)
at _GrailsCompile_groovy$_run_closure3.doCall(_GrailsCompile_groovy:68)
at _GrailsPackage_groovy$_run_closure2_closure9.doCall(_GrailsPackage_groovy:84)
at _GrailsPackage_groovy$_run_closure2_closure9.doCall(_GrailsPackage_groovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_GrailsSettings_groovy:282)
at _GrailsSettings_groovy$_run_closure10.call(_GrailsSettings_groovy)
at _GrailsPackage_groovy$_run_closure2.doCall(_GrailsPackage_groovy:83)
at S2Quickstart$_run_closure1.doCall(S2Quickstart:36)
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:381)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy:415)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this$2$withBuildListeners(Gant.groovy)
at gant.Gant$this$2$withBuildListeners.callCurrent(Unknown Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this$2$dispatch(Gant.groovy)
at gant.Gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589)
Caused by: org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:

GPSPRINGSECURITYCORE-15: Bug in documentation about Custom UserDetailsService

Original Reporter: chuchiperriman
Environment: All environments
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-15

It's mandatory add the next line to the UserDetailsService implementation:

authorities ?: NO_ROLES

If not, you get a nullpointerexception when trying to check roles in users without any role. The complete class should be:

{code}
package com.mycompany.myapp
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUser
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserDetailsService
import org.springframework.security.core.authority.GrantedAuthorityImpl
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UsernameNotFoundException

class MyUserDetailsService implements GrailsUserDetailsService {

/**
* Some Spring Security classes (e.g. RoleHierarchyVoter) expect at least one role, so
* we give a user with no granted roles this one which gets past that restriction but
* doesn't grant anything.
*/
static final List NO_ROLES = [new GrantedAuthorityImpl(SpringSecurityUtils.NO_ROLE)]

UserDetails loadUserByUsername(String username, boolean loadRoles)
throws UsernameNotFoundException {
return loadUserByUsername(username)
}

UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

  User.withTransaction { status ->

     User user = User.findByUsername(username)
     if (!user) throw new UsernameNotFoundException('User not found', username)

     def authorities = user.authorities.collect { new GrantedAuthorityImpl(it.authority) }
     authorities ?: NO_ROLES

     return new MyUserDetails(user.username, user.password, user.enabled,
        !user.accountExpired, !user.passwordExpired,
        !user.accountLocked, authorities, user.id,
        user.firstName + " " + user.lastName)
  }

}
}
{code}

GPSPRINGSECURITYCORE-32: Can't change the filter-mapping location.

Original Reporter: alin04
Environment: Not Specified
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-32

The findMappingLocation() method appears to be broken.

Without charEncodingFilter defined, the Spring Security filter is never registered. It never looks for sitemesh as a fallback.

    def mappingLocation = xml.'filter-mapping'.find { it.'filter-name'.text() == 'charEncodingFilter' }
    if (mappingLocation) {
        return mappingLocation
    }

mappingLocation is set to groovy.util.slrupersupport.NoChildren when it can't find charEncodingFilter and returns out of the method.

Ideally, come up with a better way to customize where the security filter is placed. We have a legacy SSO filter that has to happen after character encoding but before spring security.

GPSPRINGSECURITYCORE-68: evaluate controller annotations after running Grails filters

Original Reporter: marcusb
Environment: Grails 1.3.4
Version: Grails-Spring-Security-Core 1.0
Migrated From: http://jira.grails.org/browse/GPSPRINGSECURITYCORE-68

It would be nice if the Grails filters and interceptors could run before security restrictions on the controller are evaluated. This would give Grails filters a chance to perform authentication.

Currently if my Grails filter populates the SecurityContextHolder with an Authentication, it still does not allow access to an action with @secured(['IS_AUTHENTICATED_REMEMBERED']). Instead, I must annotate the action with IS_AUTHENTICATED_ANONYMOUSLY, which is suboptimal.

I could code a Spring Security filter for this, which would execute earlier, but in this case the filter makes use of Grails functionality (such as the controller, action and params after URL mapping) for its authentication decision. So a Grails filter is really more suitable.

grails / grails-spring-security-core Goto Github PK

grails-spring-security-core's Introduction

Grails Spring Security Core Plugin

Branch structure

grails-spring-security-core's People

Contributors

Stargazers

Watchers

Forkers

grails-spring-security-core's Issues

Plugins available in the grailsCore repository are listed below:

Plug-ins you currently have installed are listed below:

{{findFilterChainNames(conf)}} is invoked passing a {{SpringSecurityUtils.securityConfig}} reference

the documented property seems ignored

if I set {{grails.plugins.springsecurity}}{{.filterChain}}{{.filterNames}} everything works fine (i.e. I obtain the right behavior).\

Plugin provides the following new scripts:

Just went through Spring Security, thinking it was a bug in their system (https://jira.springsource.org/browse/SEC-1244), and confirmed it was not. This is a Grails bug.

Everything works now!

Tests Completed in 19224ms ...

Tests failed: 1

Recommend Projects

Recommend Topics

Recommend Org