Hi all,
I have a custom DB schema which doesn't fit the USER/ROLES standard domain object that grails require. I cannot edit the underlying schema, this is the constraint, but I am interesting to use the Spring Security Core plugin features.

I need the plugin only for user autentication, not for their registration beacuse this last one is managed by another piece of software.

My idea is to create some view on DB side in particular:
USER_VIEW with fields (username, password)
ROLE_VIEW with fields (id_role, name)
USER_ROLE_VIEW with fields (id_role, username)

and connect the security plugin to use this view to check user authentication.

Is it possible? ...and how can be done?

Thanks!

I wouldn't bother with the views - it's pretty simple to plug in your own UserDetailsService. See section "11 Custom UserDetailsService" at http://burtbeckwith.github.com/grails-spring-security-core/docs/manual/

Spring Security (and the plugin) doesn't care where the user and role information come from. So as long as a valid UserDetails instance is returned (regardless of where the data lives) it'll work.

Ok, thanks for the hint.

I implement also my custom authentication provider like described here: http://burtbeckwith.github.com/grails-spring-security-core/docs/manual/

A useful example can be found here:
http://weblogs.java.net/blog/brunogh/archive/2010/04/08/creating-email-authentication-provider-grails-acegi-plugin
Be careful to define the providers I put the following string



grails.plugins.springsecurity.providerNames = ['emailAuthenticationProvider', daoAuthenticationProvider','anonymousAuthenticatio nProvider', 'rememberMeAuthenticationProvider']


in "grails-app/conf/Config.groovy" instead of the string proposed in the example that doesn't work.