Grails REST User Authentication

Question

I have two Grails applications that have similar logic, use two different databases but require the same users, userroles, userrights, and all join tables associated to be the same between them. For example, if a user logs into the first application and changes their password, that change would be required to be updated on the second applications database.

My question is: Is there a way to do this with a RESTful API? Is there any best practices for this implementation? I realize that an LDAP or some other type of external directory service would be the best possible choice, but I wanted to see if there was a safe way to do this with a RESTful API.

The problems I see with using REST for updating users, is when the password updates. The request to the second application would try to authenticate with new credentials when the second application still has old credentials associated with the user. Is there a safe way around this?

It would be nice to be able to use the tables already setup for these two applications. The problem with using an LDAP server would be that a fleet of other applications would have to be migrated over to using the LDAP server for authentication. This would cause a quite large architectural change to the suite of applications.

Answer 1

How about having two datasources in each of the two apps, one for the separate app logic and one for the users. And have users datasource in both apps use the same database?

Edit: you can also group the user related domain classes in a plugin and have both apps import the same plugin to keep the classes in sync.