Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added security bridge implementation
- Loading branch information
1 parent
807adac
commit 0f45542
Showing
7 changed files
with
120 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
.DS_Store | ||
target/ | ||
log/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
Grails Security Bridge | ||
====================== | ||
|
||
The Grails Security Bridge plugin is used for providing a decoupled, cross-plugin security interface. This allows you to keep the majority of authentication logic in one plugin, while other plugins can reference a public API interface to retrieve the information needed. | ||
|
||
Documentation | ||
------------- | ||
http://bertramdev.github.io/grails-security-bridge |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
The Security-Bridge is kept relatively simple so as to not overcreep on scope. All that needs to be done is to define a security bridge and register this as a spring bean. | ||
|
||
The interface is as follows: | ||
|
||
{code} | ||
package org.grails.plugin.securitybridge | ||
|
||
interface SecurityBridge { | ||
|
||
/** | ||
* Returns the current user object if they are logged in | ||
* @return the implementation's user object or null if nobody is logged in | ||
*/ | ||
def getCurrentUser() | ||
|
||
/** | ||
* Get the user Identifier. | ||
* @return the user identity or null if nobody is logged in | ||
*/ | ||
def getUserIdentity() | ||
|
||
/** | ||
* Returns the current account object of the logged in user | ||
* @return the implementation's account (for basic auth can just be the user object) object or null if nobody is logged in | ||
*/ | ||
def getCurrentAccount() | ||
|
||
/** | ||
* Returns the current users account identity. (Useful if multiple users are tied to one account) | ||
* @return the account name or identity, null if nobody is logged in. | ||
*/ | ||
def getAccountIdentity() | ||
|
||
/** | ||
* Return the current users display name. | ||
*/ | ||
def getCurrentUserDisplayName() | ||
|
||
/** | ||
* Check if the user is currently logged in. | ||
*/ | ||
boolean isLoggedIn() | ||
|
||
/** | ||
* Check if the currently logged in user is authorized to perform an action on the passed object | ||
* @param object The object with which we are dealing with. | ||
* @param action The action you would like to perform | ||
*/ | ||
boolean isAuthorized(object, action) | ||
|
||
/** | ||
* Check if the currently logged in user has the specified role | ||
* @param role | ||
*/ | ||
boolean hasRole(role) | ||
|
||
/** | ||
* Store the request location for the security service to redirect to upon login success | ||
* @param request The request object | ||
*/ | ||
def storeLocation(request) | ||
|
||
/** | ||
* Execute code masquerading as the specified user, for the duration of the Closure block | ||
* @return Whatever the closure returns | ||
*/ | ||
def withUser(identity, Closure code) | ||
|
||
/** | ||
* Create a link to the specified security action | ||
* @param action One of "login", "logout", "signup" | ||
* @return Must return a Map of arguments to pass to g:link to create the link | ||
*/ | ||
Map createLink(String action) | ||
} | ||
{code} | ||
|
||
Simply implementing a class that defines all these methods will create a legitimate securityBridge. Next we need to register this bridge with spring. This can be done in your application's @resources.groovy@ file or in a plugins @doWithSpring@ method. | ||
|
||
{code} | ||
sharedSecurityBridge(com.mycompany.MySecurityBridge) { | ||
//Add any other spring injected references you may need | ||
springSecurityService = ref('springSecurityService') | ||
} | ||
{code} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
The Grails Security Bridge plugin is used for providing a decoupled, cross-plugin security interface. This allows you to keep the majority of authentication logic in one plugin, while other plugins can reference a public API interface to retrieve the information needed. | ||
|
||
This guide documents how to configure and setup a @sharedSecurityBridge@ for use throughout other plugins. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
introduction: Introduction | ||
configuration: Configuration | ||
usage: Usage |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
Now that the security bridge is configured, The spring security bridge can be used anywhere throughout your app by simply defining the @sharedSecurityService@. | ||
|
||
The @sharedSecurityService@ provides access to all methods created in the bridge, as well as some additional methods to make things a bit easier. | ||
|
||
* @getCurrentUser()@ | ||
* @getCurrentAccount()@ | ||
* @getUserIdentity()@ | ||
* @getAccountIdentity()@ | ||
* @getCurrentUserDisplayName()@ | ||
* @isAuthorized(object,action)@ | ||
* @isLoggedIn()@ | ||
* @hasAnyRole(role)@ | ||
* @ifAuthorized(object,action,Closure code)@ | ||
|
||
For More methods please take a look at your SecurityBridge interface. | ||
|