-
Customizing spring security userdetails
Lately I have been working on Spring security with this configuration: with groups database stored in tenant database First problem I detected was that the PerTenantUserDetailsService implemented in https://johnny.prpr.no/spring-security-multitenant/ was annotated with @CurrentTenant, which is wrong. Furthermore I wanted to add fullName to the UserDetails, for easy lookup. This was achieved by following the plugin […]
-
id generation in database tables
By default GORM uses the native id generation strategy of the database, whether that be an auto-increment column or a sequence. http://gorm.grails.org/latest/hibernate/manual/ Given a configuration with one database server this is good. However when adding replicas this could become problematic, since this is often auto-generated by the database server. For a fuller discussion se the links at […]
-
Spring security core and Postgres
I am using Postgres database server. In Postgres creating a table with then name user is not allowed. One way to solve this is to map the User domain to a table with another name than user. Domain User example that works with Postgres using the table uuser:
-
Analyzing your code with CodeNarc
CodeNarc analyzes Groovy code for defects, bad practices, inconsistencies, style issues and more. A flexible framework for rules, rulesets and custom rules means it’s easy to configure CodeNarc to fit into your project. Build tool, framework support, and report generation are all enterprise ready. This is the description you find on the CodeNarc home page: […]
-
Logging from a library
I sometimes create libraries with less overhead than the e.g. a grails plugin. Applying the same logging as grails is done with these steps: add dependencies add configuration files for testing build.gradle: Then create the src/test/resources directory: In this case I configured test logging with logback-test.xml. For some reason I could not make logback-test.groovy work. […]
-
Logging from tests
Following up on the logging blog post. When creating and later running tests it could be equally helpful with some good logs. Configuring test logging is done with either logback-test.groovy or logback-test.xml which should be placed in the resources directory within the test directory. logback-test.groovy And then setting up the integration test something like: @Slf4j […]
-
Logging
Grails logging is described in the docs: http://docs.grails.org/latest/guide/single.html#logging Grails logging is built on top of logback: http://logback.qos.ch/ Why/What log? In development and testing I use logs as a supplement to debuggers. The logging is configured to be more verbose. In production debugging is not available, so logging is your tool for investigating a situation and […]
-
Spring security core with groups
In this blog post I will look into assigning roles through groups. Group assignment becomes more interesting with: increasing user count increasing role count users with similar access needs Overview There are three basic domains when configuring spring security for groups. User Role RoleGroup We also have these many-to-many helper domains: Each user can be […]
-
Making SystemPropertyTenantResolver work
I use SystemPropertyTenantResolver for testing purposes. One use-case is building a simple app to see how some aspects of multitenancy works. The other use-case is testing with Spock. Minimum necessary code to setup multitenancy and select one tenant. First in application.yml enable multitenancy. Then in application.yml define datasources for each tenant. In this example the […]
-
2FA – with Google Authenticator
This blog post builds on the post “Security – Authentication”. The grails part of this blog is an adaption of this guide. I found some java code to use with Google authenticator and made it work. The blog post will end with a runnable sample application. Adding fields to store authenticator secret We will need […]