The Grails Spring Security plugin is a wonderful thing and certainly worthy of more time spent on it than in this quick post. It saves days, if not weeks of work, plumbing in the standard security model of most websites. Notwithstanding its obvious benefits, I have noticed that many people struggle with some features of it, especially when retro-fitting it to an existing database schema and I can only assume it’s because the best examples of performing common tasks are only seen when generating the classes from scratch, using the generate-registration and generate-manager scripts.

Continue reading →