Grails spring-security-core auth issues

[ddiman]

Hi all-

I've created a new application and installed spring-security-core and spring-security-ui.

I ran s2-quickstart and created the MyUser and MyRole classes. The application creates a couple of users at bootstrap, and while the users create successfully, and the contents of the database look great, the login controller won't let me log in when I try to access a secured resource. It gives the (very attractive) popup:

Code:

Sorry, we were not able to find a user with that username and password.

There are no exceptions thrown, and nothing logged. My first thought was that the output of encodePassword() was being mangled on the way in to the database, but the contents of the password field in the DB exactly match the string that is output by springSecurityService.encodePassword().

If I follow the 'forgot password' workflow and change the user's password based on being e-mailed a link, I am left in a 'logged-in' session, and I can navigate the application with the roles I expect. But if I log out...I can't get logged back in.

Any quick pointers on the next place to look for the problem?

Thanks in advance.

-Dan

[ddiman]

And, almost as quickly as it began, the mystery is over.

I am using the weceem-spring-security plugin, which requires a map between the domain's 'User' object, and the weceem user info, and implements a custom UserDetailsService. The password field in weceem's world was being mapped from a 'passwd' field, which didn't exist, in my domain class.

Kind of a bummer that the app didn't point out that mistake to me, and I had to proofread, but hey, relatively quick to resolve.