Home/ Questions/Q 6752707
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T13:04:35+00:00

I’m new to Grails and I’m trying to build a simple help desk application.

  • 0

I’m new to Grails and I’m trying to build a simple help desk application. I want to be able to register a new user, log in, post a request/incident, save it to a database and from administrator side I want to be able to see all requests/incidents in a table, and change permissions of users.
For the security part (and security management) I was thinking of using Spring security & Spring security UI plugins.
For now I’ve created application, installed both spring security and its UI extension, added the realname, email and company properties. When I run the application, I manage to successfully register and when I confirm registration from email i’m automatically logged in, but when I try to log in with different browser I get the following error :

“Sorry, we were not able to find a user with that username and password”

But there is one in the database.

Also, I want to have, lets say Incident domain class where I will persist all incidents/request data. The relationship between the User and Incident domain classes will be one to many. Do I just implement that like any other relationship or do I have to do something special because User is implemented by Spring Security?
I’m open for any suggestions.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There’s an incompatibility between the latest spring-security-core and spring-security-ui 0.1.2. In particular, spring-security-core moved password encoding into beforeInsert/beforeUpdate event handlers in the User class. RegisterController.register controller in spring-security-ui doesn’t know about this yet, and tries to encode it again, resulting in a doubly encoded password. To fix, override the RegisterController and change the register action to:

    def register = { RegisterCommand command ->

    if (command.hasErrors()) {
        render view: 'index', model: [command: command]
        return
    }

    def user = lookupUserClass().newInstance(email: command.email, username: command.username,
                                             password: command.password, accountLocked: true, enabled: true)
    if (!user.validate() || !user.save()) {
        // TODO
    }

    def registrationCode = new RegistrationCode(username: user.username).save()
    String url = generateLink('verifyRegistration', [t: registrationCode.token])

    def conf = SpringSecurityUtils.securityConfig
    def body = conf.ui.register.emailBody
    if (body.contains('$')) {
        body = evaluate(body, [user: user, url: url])
    }
    mailService.sendMail {
        to command.email
        from conf.ui.register.emailFrom
        subject conf.ui.register.emailSubject
        html body.toString()
    }

    render view: 'index', model: [emailSent: true]
}

    This issue is being tracked in http://jira.grails.org/browse/GPSPRINGSECURITYUI-27.

    Regarding your second question, you can treat your User class just like any other domain object.

    • 0