Skip to main content

Grails - Jsecurity(Shiro) plugin usage

Jsecurity plugin for grails simplies some of the tasks related to application security.
Ref: http://grails.org/JSecurity+Plugin

If installed correctly, it installs few domain classes and an AuthController in your application.

This topic will be helpful if you have successfully installed the jsecurity plugin and trying to explore more about the usage.

The following domain classes are added.
1. JsecUser
2. JsecRole
3. JsecPermission
etc

There is one controller "AuthController" added to your list of controllers.
If grails is installed on your local m/c and if your server is running on port 8080, you can invoke this controller using
http://localhost:8080/myApp/auth

We do not have to call this explicitly. Whenever there is request for a URL that is protected by JSecurity as configured in the "SecurityFilters", the controller is automatically invovoked. (Refer documentation plug-in )

BootStrap.groovy installation script can be used to define the initial set of users.

However, we would like to give flexibility to certain previlaged users (Admin) to add more users through the user interface. The default controllers and views provided by installing Jsecurity plugin is limited to "authorization" controller. There may be ways to acheive this, but from the plugin documentation it is not very clear.

We can make use of the domain classes listed above (JsecUser) and create typical Add, Modify, Delete functions.

Generate controllers and views by running the grails command generate-all for the domain class JsecUser. Same thing can be done to JsecUserRoleRel to assign roles defined in the BootStrap files at the time of installation.

A minor change to JsecUserController is required to deal with encrypting password.
Insert the code higlighted in the "save" method as given below.

def save = {
def jsecUserInstance = new JsecUser(params)

jsecUserInstance.passwordHash = new Sha1Hash(jsecUserInstance.passwordHash).toHex();

if(!jsecUserInstance.hasErrors() && jsecUserInstance.save()) {
flash.message = "JsecUser ${jsecUserInstance.id} created"
redirect(action:show,id:jsecUserInstance.id)
}
else {
render(view:'create',model:[jsecUserInstance:jsecUserInstance])
}
}


Similar change can be done to the "update" method.

Comments

Popular posts from this blog

Grails - cross-field Date validation

Often we run into domain classes with date fields. If the domain class has two datefields, startDate and endDate, and the rule for a valid combination is "endDate to be greater than startDate", how do we handle? I listed below two of the options, either using domain level constraints or using the domain classes. Option 1: Using domain constraints. Let us take a sample Grails Domain class class Student{ String name String school Date startDate Date endDate } Add the following constraints to enforce validation rules where name, school, startDate cannot be blank and endDate if present should be greater than startDate.

Grails - Querying complex associations

Criteria class allows performing complex searches on grails objects. There are number of shortcut methods for performing queries but these methods have limitations in terms of number of conditions used in "where clauses". Traditional sql "joins" are not possible as shown in some of the Grails "Finder" methods shown below. Sample 1: def list = AccountTransaction.findAllByCompanyCodeAndVoucherDateBetween(branch, fromDate, toDate, params) Sample 2: def list = AccountTransaction.findAllByCompanyCodeAndVoucherDateGreaterThanEquals(branch, fromDate, params) Sample 3: def list = AccountTransaction.findAllByCompanyCodeAndTransGroup(branch, group, params) "params" contains attributes related to sorting, paging etc. It is very easy to use finder methods but when you want to filter objects by more conditions we need to look for alternatives. For understanding the relationships used in this sample, I listed the grails domain classes. class TransactionTyp

Implementing advanced sort in Grails

The "list" pages generated by inbuilt scaffolding/template features of grails have pagination and sorting features. However, if the domain object displayed in the list is a nested object having another domain object as a property, you may notice that sort is not enabled for that field. Boiler plate code for the header of the list is shown below. As you would have noticed few columns have sortable columns automatically generated by Grails command, generate-all or generate-views. The properties 'partyAccount' and 'bankAccount' in this sample are domain classes nested in the domain class 'partyTransaction'. We could convert them to sortable columns by using the tag g:sortableColum