CODEWITHSUNDEEP
springgrailsspring-security
Natasha Juneja
Natasha Juneja

Reputation: 11

Grails 3 - Security without plugins

I am implementing Spring Security with SAML on a Grails 3.x application without the use of plugins.

I have added the necessary jars as below :

     compile group: 'ca.juliusdavies', name: 'not-yet-commons-ssl', version: '0.3.17'
     compile 'org.opensaml:opensaml:2.6.0'
     compile 'org.opensaml:openws:1.4.1'
     compile 'org.opensaml:xmltooling:1.3.1'
     compile group: 'org.springframework.security', name: 'spring-security-core', version: '3.2.5.RELEASE'
     compile group: 'org.springframework.security', name: 'spring-security-config', version: '3.2.5.RELEASE'
     compile group: 'org.springframework.security.extensions', name: 'spring-security-saml2-core', version: '1.0.5.BUILD-SNAPSHOT'

I have my securitycontext.xml file integrated within resources.groovy.

beans = {
        importBeans('classpath:security/springSecuritySamlBeans.xml')
}

I need to add the following security filters in my web.xml but in Grails 3 this is not possible.Can anyone suggest where these need to be added and how they can be added.

<filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

From what i read these filters need to be defined in resources.groovy but I am not sure how this is done.

Upvotes: 1

Views: 221

Answers (2)

Kevin Tan
Kevin Tan

Reputation: 1048

Looks to me it still sounds like a hassle. Instead of making this work and you have no clarity on what's going on, you might as well delegate your user registration workflow to a third party service eg Firebase.

Use an interceptor to write that.

Upvotes: 0

Jeff Scott Brown
Jeff Scott Brown

Reputation: 27200

I need to add the following security filters in my web.xml but in Grails 3 this is not possible.

You probably don't really need to add them in web.xml. You probably just need them to be applied in your app. A way to do that in Grails 3 is with a FilterRegistrationBean. See https://github.com/grails/grails-core/blob/6b30c22ac9a3758bde53844f807ea781ca7e3c9d/grails-plugin-controllers/src/main/groovy/org/grails/plugins/web/controllers/ControllersGrailsPlugin.groovy#L93-L112 for several examples. You may want to do something similar in your app's resources.groovy.

Upvotes: 2

Related Questions