Kindly help me to connect grails spring security plugin to work with DocumentDB for storing and retrieving the credentials. I am not using gorm to work with DocumentDB in my application.
According to: http://alvarosanchez.github.io/grails-spring-security-rest/latest/docs/#_token_storage
The tokens are stored on the server using a tokenStorageService bean. The plugin comes with out-of-the-box support for JWT, Memcached, GORM and Grails Cache, but you can use your own strategy implementing the TokenStorageServiceinterface.
You need to implement TokenStorageService interface to connect to DocumentDB using the Azure DocumentDB Java SDK.
Please let me know if you need help on this.
Related
Spring Cloud Dataflow is awesome. It's marvelous and working like a charm.
Only problem we have encountered in missing JDBC authentication. FileBasedAuthetication is not safe and everyone do not LDAP. Huge chunk of users still prefer to use JDBC authentication.
It will be of great support if you help me with JDBC authentication. Do let me know how to implement it, any document or URL be of great help.
You can still add a custom JDBC authentication (via any Spring Boot managed SecurityConfigurer - GlobalAuthenticationConfigurerAdapter) and have it as a bean in your custom Data Flow server configuration(by running it via #EnableDataFlowServer).
You can also contribute the same to Spring Cloud Data Flow.
Thanks!
I have my 2.5.4 grails version application secured by Spring Security and working very well. I need to change that and grant access to the user only if the reply of a rest service allows that. That is, instead of using the spring security functionality of asking for a username/password, I want to call a rest service (that I have already) and if this service replies that the user has access to the application, I want to grant access to this user.
As far as I understand, I need to override the auth method of LoginController of spring security core. Will I also need grails filters?
Could you please provide me with some advice on this topic?
This works for me in BootStrap.groovy running grails 3.1.9. Not sure it will help you, but it might be a starting point.
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.context.SecurityContextHolder as SCH
...
SCH.context.authentication = new UsernamePasswordAuthenticationToken(admin.username, admin.password, admin.authorities)
Have you looked at the spring security rest plugin (version 1.5.3 for grails 2.5.x) and using JWTs to pass around the authentication?
I am developing the webapi using jaxrs plugin in a Grails project (existing) in which there is Spring Security configured which is not allowing me to access the api urls i.e /api/**
I am getting You are not authorised to access this page though I have logged in as Admin but I am not able to configure the access to this path with/without authentication.
I guess you're using spring security?
Authentication is generally handled a little differently when implementing a rest api. Check out the excellent Spring Security REST Plugin. There's some really nice documentation here that explains the authentication lifecycle.
I am trying to use the Spring Security Core plugin in a Grails project using the Neo4j GORM plugin.
As far as I can see I have two options:
Use the Spring Security Core plugin as is and persist it's data to say MySQL while using Neo4j for the rest of the application data.
Use a custom UserDetailsService.
Does anyone have an example of the latter?
pjdv
You mean like the one in the documentation? http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/11%20Custom%20UserDetailsService.html
Since the Neo4j plugin is GORM compliant, spring-security-core's GormUserDetailsService should work out of the box.
I'm needing to implement some RESTful webservices for a client in a Grails app and I want to use the jaxrs plugin but I am having a heck of a time finding information on how to implement security that isn't realm based (tomcat-users.xml). I am using the spring-security-core plugin and I'd like to utilize it to authenticate against my webservices. How do I send credentials to the webservice and then authenticate those using spring security? Can someone point me in the right direction?
I found the following and used a modified version of the solution to solve my problem
http://blogs.bytecode.com.au/glen/2010/01/15/hacking-custom-authentication-providers-with-grails-spring-security.html