Build Twitter with Groovy Grails in 90 Minutes

[ceci123]

Hi, I am new in grails and I am trying to learn it by watching this video. http://www.youtube.com/watch?v=8d1hp8n1stA
I believe the source code is here: https://github.com/grails-samples/grailstwitter

I've followed the tutorial step-by-step but I am unable to login. It returns this error: Sorry, we were not able to find a user with that username and password.
My understanding is that the bootstrap code is supposed to create a user called 'jeff' with a password 'password'. But my app is not happy.

I guess I missed the database configuration part...but how does it know what database to use? I am guessing that this is my problem.

Can anyone give me some pointers?

Thank you

Ceci

[burtbeckwith]

You're most likely double-encoding the password. The latest versions of the plugin have code in the generated User domain class that automatically encrypts the password for you, but older tutorials aren't aware of it and explicitly call springSecurityService.encodePassword(). So either remove the calls to springSecurityService.encodePassword() or remove the encoding in the domain class.

[ceci123]

I can't find any references to springSecurityService.encodePassword() been called. The only file with references to is loginController.groovy file.

import grails.converters.JSON
import grails.plugins.springsecurity.Secured

import org.codehaus.groovy.grails.plugins.springsecurity. SpringSecurityUtils

import org.springframework.security.authentication.Accoun tExpiredException
import org.springframework.security.authentication.Creden tialsExpiredException
import org.springframework.security.authentication.Disabl edException
import org.springframework.security.authentication.Locked Exception
import org.springframework.security.core.context.Security ContextHolder as SCH
import org.springframework.security.web.authentication.Ab stractAuthenticationProcessingFilter
import org.springframework.security.web.authentication.Us ernamePasswordAuthenticationFilter

@Secured('IS_AUTHENTICATED_ANONYMOUSLY')
class LoginController {

/**
* Dependency injection for the authenticationTrustResolver.
*/
def authenticationTrustResolver

/**
* Dependency injection for the springSecurityService.
*/
def springSecurityService

/**
* Default action; redirects to 'defaultTargetUrl' if logged in, /login/auth otherwise.
*/
def index = {
if (springSecurityService.isLoggedIn()) {
redirect uri: SpringSecurityUtils.securityConfig.successHandler. defaultTargetUrl
}
else {
redirect action: auth, params: params
}
}

/**
* Show the login page.
*/
def auth = {

def config = SpringSecurityUtils.securityConfig

if (springSecurityService.isLoggedIn()) {
redirect uri: config.successHandler.defaultTargetUrl
return
}

String view = 'auth'
String postUrl = "${request.contextPath}${config.apf.filterProcesse sUrl}"
render view: view, model: [postUrl: postUrl,
rememberMeParameter: config.rememberMe.parameter]
}

/**
* Show denied page.
*/
def denied = {
if (springSecurityService.isLoggedIn() &&
authenticationTrustResolver.isRememberMe(SCH.conte xt?.authentication)) {
// have cookie but the page is guarded with IS_AUTHENTICATED_FULLY
redirect action: full, params: params
}
}

/**
* Login page for users with a remember-me cookie but accessing a IS_AUTHENTICATED_FULLY page.
*/
def full = {
def config = SpringSecurityUtils.securityConfig
render view: 'auth', params: params,
model: [hasCookie: authenticationTrustResolver.isRememberMe(SCH.conte xt?.authentication),
postUrl: "${request.contextPath}${config.apf.filterProcesse sUrl}"]
}

/**
* Callback after a failed login. Redirects to the auth page with a warning message.
*/
def authfail = {

def username = session[UsernamePasswordAuthenticationFilter.SPRING_SECURI TY_LAST_USERNAME_KEY]
String msg = ''
def exception = session[AbstractAuthenticationProcessingFilter.SPRING_SECU RITY_LAST_EXCEPTION_KEY]
if (exception) {
if (exception instanceof AccountExpiredException) {
msg = SpringSecurityUtils.securityConfig.errors.login.ex pired
}
else if (exception instanceof CredentialsExpiredException) {
msg = SpringSecurityUtils.securityConfig.errors.login.pa sswordExpired
}
else if (exception instanceof DisabledException) {
msg = SpringSecurityUtils.securityConfig.errors.login.di sabled
}
else if (exception instanceof LockedException) {
msg = SpringSecurityUtils.securityConfig.errors.login.lo cked
}
else {
msg = SpringSecurityUtils.securityConfig.errors.login.fa il
}
}

if (springSecurityService.isAjax(request)) {
render([error: msg] as JSON)
}
else {
flash.message = msg
redirect action: auth, params: params
}
}

/**
* The Ajax success redirect url.
*/
def ajaxSuccess = {
render([success: true, username: springSecurityService.authentication.name] as JSON)
}

/**
* The Ajax denied redirect url.
*/
def ajaxDenied = {
render([error: 'access denied'] as JSON)
}
}

[burtbeckwith]

It's probably in grails-app/conf/BootStrap.groovy where the sample users are created.

[ceci123]

the bootstrap.groovy file looks pretty much empty but somehow the demo seem to work.

class BootStrap {

def init = { servletContext ->
}
def destroy = {
}
}

Is there a good book you can recommend? Maybe I'm just failing to see something obvious.

Thanks

[burtbeckwith]

You need to find the code that's creating new users. That's where the password is set and it's being encoded there, in addition to your domain class. You can also remove the domain class code - remove beforeInsert(), beforeUpdate(), and encodePassword(), or just comment out the call to springSecurityService.encodePassword() in encodePassword() as a test.

[pledbrook]

The relevant line is here: https://github.com/grails-samples/gr...rap.groovy#L21 - I don't know why this isn't in your file.

The database configuration is in 'grails-app/conf/DataSource.groovy'. By default, it's an in-memory database.

[riswan]

Hi,
i'm also a rookie trying to create my first grails web application. After creating the application sftwitter and installing spring-security-core plugin, if i run grails s2-quickstart command with package name and the two domain classes, I'm getting a compilation error.

The error goes something like this-

1 error

at org.codehaus.groovy.control.ErrorCollector.failIfE rrors(ErrorCollecto
r.java:296)
at org.codehaus.groovy.control.ErrorCollector.addFata lError(ErrorCollect
or.java:143)
at org.codehaus.groovy.tools.javac.JavacJavaCompiler. compile(JavacJavaCo
mpiler.java:67)
at org.codehaus.groovy.tools.javac.JavaAwareCompilati onUnit.gotoPhase(Ja
vaAwareCompilationUnit.java:89)
at org.codehaus.groovy.control.CompilationUnit.compil e(CompilationUnit.j
ava:474)
at org.codehaus.groovy.control.CompilationUnit.compil e(CompilationUnit.j
ava:448)
at org.codehaus.groovy.tools.FileSystemCompiler.compi le(FileSystemCompil
er.java:57)
at org.codehaus.groovy.tools.FileSystemCompiler.doCom pilation(FileSystem
Compiler.java:170)
at org.codehaus.groovy.ant.Groovyc.compile(Groovyc.ja va:895)
at org.codehaus.groovy.ant.Groovyc.execute(Groovyc.ja va:605)
at org.apache.tools.ant.UnknownElement.execute(Unknow nElement.java:288)
at org.apache.tools.ant.dispatch.DispatchUtils.execut e(DispatchUtils.jav
a:106)
at _GrailsCompile_groovy$_run_closure4_closure10.doCa ll(_GrailsCompile_g
roovy:117)
at _GrailsCompile_groovy$_run_closure4_closure10.doCa ll(_GrailsCompile_g
roovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_Grai lsSettings_groovy:2
80)
at _GrailsSettings_groovy$_run_closure10.call(_Grails Settings_groovy)
at _GrailsCompile_groovy$_run_closure4.doCall(_Grails Compile_groovy:104)

at _GrailsCompile_groovy$_run_closure3.doCall(_Grails Compile_groovy:69)
at _GrailsPackage_groovy$_run_closure2_closure9.doCal l(_GrailsPackage_gr
oovy:85)
at _GrailsPackage_groovy$_run_closure2_closure9.doCal l(_GrailsPackage_gr
oovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_Grai lsSettings_groovy:2
80)
at _GrailsSettings_groovy$_run_closure10.call(_Grails Settings_groovy)
at _GrailsPackage_groovy$_run_closure2.doCall(_Grails Package_groovy:84)
at S2Quickstart$_run_closure1.doCall(S2Quickstart:37)
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:38 1)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy:41 5)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this$2$withBuildListeners(Gant.groovy)
at gant.Gant$this$2$withBuildListeners.callCurrent(Un known Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this$2$dispatch(Gant.groovy)
at gant.Gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589)
Compilation error: Compilation Failed
C:\grail-test\sftwitter>

(I'm not able to submit the entire error due to size limit)
I'm using Windows 7 operating system. Someone please help me resolve this issue.

Thanks in Advance

[lucaster]

burtbeckwith is right, you are double-encoding the password.

In the video, spring-security-core version 1.0.something is used.

Most probably, you are using a newer version such as 1.2.4

Version 1.2.4 already adds an encodePassword() method in Person.groovy, but in version 1.0.* it didn't.

Open your BootStrap.groovy

Replace the following instruction:

Code:

String password = springSecurityService.encodePassword('password')

with:

Code:

String password = 'password'

[Kiades12]

Hi also did his tutorial and got the same problem

and changing it to String password = 'password' does not work

i have been working on this for days but i cant solve it, anyone has any ideas

thx