Wednesday, December 29, 2010

Grails and Spring Security

I'm developing a personal 'cloud browser' application for iRODS based on my Jargon libraries. Previously, I had started looking at a set of Spring Security libraries that could be used in web apps, such that authentication and gathering of roles could be done against the iRODS security, using iRODS user groups for role based access.

My Spring Security library has a custom AuthenticationManager as well as a custom AuthenticationFilter and AuthenticationToken, as iRODS security uses not only user and password, but also zone, resource, host, and port. Because of the differences, I did not find the Spring Security Grails plug-in to be suitable. Besides, since I am already testing a set of custom libraries, I wanted to take advantage of the library and the XML wiring I had already created.

First, here's what my XML wiring looks like:


I had started to re-create this using Spring DSL in my resources.groovy file, but I was finding it difficult to translate (I'm still very new at Spring DSL, and it had more to do with just getting this done).

I added my mappings to the resources.xml file in my Grails app, and started things up just to see if Spring could wire this together. Knock me over with a feather but that worked! The one issue I had was a complaint about the Spring Security namespace, which was corrected by adding these items to my BuildConfig.groovy:


dependencies {
// specify dependencies here under either 'build', 'compile', 'runtime', 'test' or 'provided' scopes eg.
compile 'org.irods:jargon-core:0.0.3-SNAPSHOT'
compile 'org.irods:jargon-security:0.0.1-SNAPSHOT'
compile 'org.springframework.security:spring-security-core:3.0.5.RELEASE'
compile 'org.springframework.security:spring-security-web:3.0.5.RELEASE'
compile 'org.springframework.security:spring-security-config:3.0.5.RELEASE'

//test 'org.irods:jargon-test:0.0.1-SNAPSHOT'
// runtime 'mysql:mysql-connector-java:5.1.5'
}
The key was actually the spring-security-config dependency.

Next, I started testing with a browser, only to find that the security was not being enforced. The missing step was to add the delegating filter proxy to my web.xml file. Well...what web.xml file? Like I said, I'm very new to Grails. It turns out that I needed to fire up the grails console and do a

grails install-templates


command. This adds templates for various artifacts to my project. Then it's a simple matter of editing the template web.xml file to add my delegating filter proxy mapping like so:


Now, I have not completed all the testing, but it does seem like I'm on the right path. I'll let you all know how it's going, but I think it'll work out.

No comments: