Using the Grails Spring Security Core Plugin I found the need to customize the UserDetailsService and use a Grails service. (Part of the roles logic depended on an external API that we already had a service for.) This was easy to accomplish by subclassing the UserDetailsService class I wanted as a base in my case it was actually the SpringSamlUserDetailsService class because I was using the SAML plugin but normally you would subclass GormUserDetailsService. A great starting example is given in the documentation here.

The difference in my case was the need to use the Grails service, I went with providing the service in the resources.groovy file. Below is the example file of what I used.

My resources.groovy

import com.example.saml.CustomUserDetailsService
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
beans = {
userDetailsService(CustomUserDetailsService) {
grailsApplication = ref(‘grailsApplication’)
myService = ref(‘myService’) //Here we give the reference to the service we want available.
authorityClassName = SpringSecurityUtils.securityConfig.authority.className
authorityJoinClassName = SpringSecurityUtils.securityConfig.userLookup.authorityJoinClassName
authorityNameField = SpringSecurityUtils.securityConfig.authority.nameField
samlAutoCreateActive = SpringSecurityUtils.securityConfig.saml.autoCreate.active
samlAutoAssignAuthorities = SpringSecurityUtils.securityConfig.saml.autoCreate.assignAuthorities as Boolean
samlAutoCreateKey = SpringSecurityUtils.securityConfig.saml.autoCreate.key as String
samlUserAttributeMappings = SpringSecurityUtils.securityConfig.saml.userAttributeMappings
samlUserGroupAttribute = SpringSecurityUtils.securityConfig.saml.userGroupAttribute as String
samlUserGroupToRoleMapping = SpringSecurityUtils.securityConfig.saml.userGroupToRoleMapping
userDomainClassName = SpringSecurityUtils.securityConfig.userLookup.userDomainClassName
authoritiesPropertyName = SpringSecurityUtils.securityConfig.userLookup.authoritiesPropertyName
}
}

Snip from CustomUserDetailsService.groovy

class CustomUserDetailsService extends SpringSamlUserDetailsService {
def myService
}

Comments