Spring Secutiry (ACEGI) Plugin and Favicon Permissions

Here’s a quick gotcha for you. You set up a favicon in the root of your web app, as is the convention, and when you log in you are redirected to a picture of your favicon or you are asked to download it… Weird.

Odds on you’ve installed the Spring Security plugin and forgotten to give permission to the favicon file in the root and the result is that on login Spring Security redirects you to the first restricted item that was requested by the browser – the favicon.

The solution? Easy, set the favicon path to IS_AUTHENTICATED_ANONYMOUSLY in your SecurityConfig.groovy (or database):

controllerAnnotationStaticRules = [
    ...
    '/favicon.ico' : ['IS_AUTHENTICATED_ANONYMOUSLY'],
    ...
]
Advertisements

Upgrading Grails from 1.2.2 to 1.3.1

The usually simple upgrade process in Grails has caused me a few headaches in moving from 1.2.2 to 1.3.1. I skipped the 1.3 upgrade because there were a few people having issues on the mailing list but yesterday I bit the bullet and encountered a couple of problems.

I think the release notes for Grails 1.3.x have been unusually poor so this post has the issues I’ve encountered in the hope that you won’t go quite as mad as I have. I’ll keep it updated if I find more problems. Continue reading

Sending Asynchronous HTML Email in Grails with ActiveMQ, JMS and Gmail

Sending email asynchronously is an essential part of most Web applications and there are many ways in which to implement it. In this post I’ve chosen to demonstrate how to set up JMS, ActiveMQ and Gmail with the Grails Mail plugin to provide asynchronous email capabilities while only having to write a few lines of code, all thanks to some great plugins. I’ll also show the fantastic Grails Mail templating feature which uses GSP views to generate HTML emails along with a solution for one of the big bugs with it too!

Continue reading

Simple Aspects using Annotations in Grails

Aspect Oriented Programming is a concept which will be familiar to users of the Spring Framework as one of its core features. However, the details of how to get AOP working in Grails appear thin on the ground, so in this post I will show how to set up a simple aspect then configure and apply it using attributes. I will assume some familiarity with Spring AOP so I won’t explain the terminology or general concepts since they are exactly the sameĀ  in Java as they are in Grails. Continue reading

Updating the Logged in User with Acegi/Spring Security in Grails

Following on from my post on how to log in a user using the Grails Acegi/Spring Security plugin I stumbled into a new use for the same code when I tried to update a user’s own details while logged in. The security plugin caches the user’s domain object so any changes are not seen until the next login (wholly unhelpful when you’re trying to implement account management on a Website!).

Continue reading