I installed the Spring Security core 1.2.7.3 plugin on Grails 2.1.1 , ran the s2-quickstart command, and then initialized the initial user and roles in bootstrap.groovy, but I still canβt log in. The text of the corresponding BootStrap.groovy follows:
if (SecRole.count == 0) { def fUserRole = SecRole.findByAuthority('ROLE_FlowUser') ?: new SecRole(authority: 'ROLE_FlowUser').save(failOnError: true, flush: true) def fAdminRole = SecRole.findByAuthority('ROLE_FlowAdmin') ?: new SecRole(authority: 'ROLE_FlowAdmin').save(failOnError: true, flush: true) def bf = SecUser.findByUsername('bill') ?: new SecUser( username: 'bill', password: 'eagle', firstName: 'bill', lastName: 'fly', email: ' bill.fly@baylorhealth.edu ', accountExpired: false, accountLocked: false, passwordExpired: false, enabled: true ).save(failOnError: true, flush: true) if (!bf.authorities.contains(fAdminRole)) { SecUserSecRole.create bf, fAdminRole, true } if (!bf.authorities.contains(fUserRole)) { SecUserSecRole.create bf, fUserRole, true } }
I do not encrypt the password in bootstrap, as it seems, is the answer to most questions of this type. All four entries are written to the database tables, but, of course, I canβt say if the password is encrypted correctly. My initial controller has the following annotation before the class expression:
@Secured(['IS_AUTHENTICATED_FULLY'])
In addition, I added the following to config.groovy:
// Added Spring Security Core plugin:
grails.plugins.springsecurity.userLookup.userDomainClassName = 'cocktail.SecUser' grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'cocktail.SecUserSecRole' grails.plugins.springsecurity.authority.className = 'cocktail.SecRole' grails.plugins.springsecurity.password.algorithm = 'SHA-256'