How can i enable/disable kerberos authentication in grails application with single code base?

Question

We have a product developed in grails 1.3.7 that supports Kerberos and ADS/LDAP authentication. The application is deployed in different environments. Some deployments are running as SaaS. The SaaS deployments don't require kerberos authentication. There is a dummy keytab file placed within the application and the same credentials are configured in the config.groovy as default to start the application without failing (if they are missing, application will not start). This blog helped me a lot while integrating kerberos

The authentication is working fine in all cases. Some customers accessing the SaaS application from their intranet domain are complaining extreme slowness(3-5 minutes) in the response after kerberos integration. When they access from out of the domain, it seems to be pretty faster. Mostly they are using IE browser. But when I tested the same from our domain, I don't see any issue. It loads in 5-7 seconds. So I am not sure if this is something related to their IE configuration or security policy?

Now I want to disable the Kerberos authentication in the application for specific deployments only. I don't want to keep two versions of the code. But I don't see any configuration with spring-security-kerberos plugin to do so.

Spring Security plugins used in the app are

• spring-security-core=1.1.2
• spring-security-kerberos=0.1
• spring-security-ldap=1.0.5

Is it possible to enable/disable kerberos authentication for specific deployment alone or do I need to have 2 versions with and without kerberos?

Will any IE configuration help to solve this?

Answer 1

In the environments you want to disable spring -security just specifiy

grails.plugins.springsecurity.active = false

in your Config.groovy file, that is it.