Home/ Questions/Q 7719421
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T03:24:43+00:00

I have inherited a Grails app, which uses the Acegi 0.5.3 plugin. The application

  • 0

I have inherited a Grails app, which uses the Acegi 0.5.3 plugin.

The application can be accessed via two completely different URLs e.g., app.domainone.com and app.domaintwo.com. The domain names map to two different user communities. Now I have been tasked with restricting user access from only the domain that they are related to. At the moment the users can visit any of the domains and login to the application.

I have some clue about how Acegi works but, can’t say I understand all of it yet. So wanted to ask how I would be able to achieve this.

In an ideal scenario, when the user tries to login, I would like to redirect (if required) to their ‘relevant’ domain and automagically sign them in with their given credentials. However, as an interim solution even a plain redirect to the relevant login page would suffice.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Here goes my CustomAuthenticationProcessingFilter. There is probably a better solution out there but this helped me with the little knowledge that I have of Grails and Spring Security.

        class CustomAuthenticationProcessingFilter extends GrailsAuthenticationProcessingFilter implements
    InitializingBean {

        //def authenticationManager
        @Override
        public int getOrder() {
            return FilterChainOrder.AUTHENTICATION_PROCESSING_FILTER
        }

        @Override
        void doFilterHttp(HttpServletRequest request,
        HttpServletResponse response, FilterChain chain) throws IOException,
        ServletException {
            if (SecurityContextHolder.getContext().getAuthentication() == null) {
                def loginUrl = "${request.getRequestURL().toString() - request.getRequestURI().toString()}${request.contextPath}"
                def username = request.getParameter("j_username")
                def password = request.getParameter("j_password")

                if ( loginUrl && username && password) {
                    def user = User.findByEmailOrCompanyEmail(username,username)
                    if(user) {
                        def query = """select c from Community c, UserCommunity uc
                                        where c.id = uc.comm.id
                                        and uc.user.id = :userId"""
                        def comm = Community.executeQuery(query,[userId:user.id])
                        comm = comm?(comm?.get(0)):null
                        if(loginUrl!=comm?.url) {
                            println "Trying to login using the wrong URL"
                            response.sendRedirect(comm.url+'/login/auth')
                            return
                        }

                    }
                }
            }
//Resume the normal flow
            super.doFilterHttp(request, response, chain)
        }

        @Override
        public void afterPropertiesSet() throws Exception {
            // TODO Auto-generated method stub

        }

    }
    • 0