How to create restricted area in Grails?

Question

How to set password (the best if it was in database, so Entity with one record) on some pages (create/edit/delete view and controllers)? It can be redirect to entrance page with form with password field.

Answer 1

I would also recommended you to go with 'spring security core' plugin.

By using spring security core you will be able to :

(1) secure all of your project's possible URLs
(2) provide access to required pages to particular role
(3) assign one or more then one role to particular user
(4) manage individual users with basic information as well as storing password into encrypted form etc.
(5) Its in-built reach set of tag library will help you alot to reduce the logical code.

Apart from the above, the major advantage of using spring security core would be its simplicity and extensibility. As its advance features like :

LDAP
ACL
OpenID
CAS etc

are available with different plugins.

Also there is one more plugin called 'spring security ui' is available, which will provide you all the UI pages (with gsps,controllers) just in a minute.

I have used this plugin in my project before one year, and I would strongly recommended everyone to use it...

You can have a look into its simple User guide which is available here.

Answer 2

Use one of the security plugins, and make the actions that you want to protect only available to users with a particular role. If an unauthenticated user tries to access one of these actions, they will be prompted to login and invocation of the action will only be allowed thereafter if they have been assigned the relevant role.

The spring security plugin is a reasonable choice as it provides the functionality you need and probably the most popular of the Grails security plugins.