We know Groovy has a lot of nice methods for working with collections. For example in previous blog posts we have seen how to take or drop elements from a list and even with a condition. Since Groovy 2.4 we can now also use the dropRight and takeRight methods to take or drop elements from the end of the list.
In the following example we have a simple list and we use the dropRight and takeRight methods to get elements from the list:
Continue reading →
This third and final part in my Stateless Spring Security series is about mixing previous post about JWT token based authentication with spring-social-security. This post directly builds upon it and focusses mostly on the changed parts. The idea is to substitude the username/password based login with "Login with Facebook" functionality based on OAuth 2, but still use the same token based authentication after that.
The user clicks on the "Login with Facebook" button which is a simple link to "/auth/facebook", the SocialAuthenticationFilter notices the lack of additional query parameters and triggers a redirect leading the user of your site to Facebook. They login with their username/password and are redirected back, again to "/auth/facebook" but this time with "?code=...&state=..." parameters specified. (If the user previously logged in at facebook and had a cookie set, facebook will even instantly redirect back and no facebook screen is shown at all to the user.) The fun part is that you can follow this in a browsers network log as it's all done using plain HTTP 302 redirects. (The "Location" header in the HTTP response is used to tell the browser where to go next)
Continue reading →
Since version 2.2 Grails, has better support for managing namespace configuration. This helps to prevent common namespace problems. For example most applications which have security functionality, have for example a UserDetailService which can conflict when you have the Grails SpringSecurity plugin installed. Grails version 2.2. and later comes with four useful techniques to make sure the right class is used
If Grails does not find an existing service with a similar name, Grails will automatically generate an alias for you service with the name of the plugin prefix. For example when you have a plugin called UserUtilities and a service called UserDetailService, you can use UserUtilitiesUserDetailService for dependency injection which will not conflict with the SpringSecurity UserDetailService
Continue reading →
