Quantcast

GORM Memory Leak Suggestion

classic Classic list List threaded Threaded
18 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

GORM Memory Leak Suggestion

Steven Grossman
I recently ran into the GORM memory leak posted here:
http://grails.1312388.n4.nabble.com/Memory-leak-td1358871.html

and explained more thoroughly here:
http://burtbeckwith.com/blog/?p=73

The stated workaround/solution is dependent upon the context in which the operation is made.

In a web context, the trick is:
domainClassInstance.errors = null

while in a non-web context, the trick is:
DomainClassGrailsPlugin.PROPERTY_INSTANCE_MAP.get().clear()  


While the difference is certainly stated in the aforementioned posts, I believe that it is the cause of confusion in later posts to this list.

Further, if a particular application (like mine) shares a piece of code between both contexts - web and non-web - it becomes a bit of a dance to satisfy both.

One more note - the web context approach is better encapsulated than its counterpart since it operates only on one domain object instead of all of them.


I propose that the web context approach (domainClassInstance.errors = null) should be made to work for both situations.  This should be as simple as modifying the following code within DomainClassGrailsPlugin:

           put = { key, val ->
                def attributes = rch.getRequestAttributes()
                if (attributes) {
                    attributes.request.setAttribute(key,val)
                }
                else {
                    // original -> don't do this
                    //PROPERTY_INSTANCE_MAP.get().put(key,val)

                    // replacement -> handle nulls
                    def map = PROPERTY_INSTANCE_MAP.get()
                    if (val) {
                        map.put(key,val)
                    } else {
                        map.remove(key)
                    }
                }
            }

Thoughts?
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: GORM Memory Leak Suggestion

Graeme Rocher-4
Administrator
This leak is no longer an issue in Grails 2.0 since we inject an
errors property in the domain class byte code so there is no need to
store them in the thread context

Cheers

On Fri, Nov 25, 2011 at 8:35 PM, sgrossman <[hidden email]> wrote:

> I recently ran into the GORM memory leak posted here:
> http://grails.1312388.n4.nabble.com/Memory-leak-td1358871.html
>
> and explained more thoroughly here:
> http://burtbeckwith.com/blog/?p=73
>
> The stated workaround/solution is dependent upon the context in which the
> operation is made.
>
> In a web context, the trick is:
> domainClassInstance.errors = null
>
> while in a non-web context, the trick is:
> DomainClassGrailsPlugin.PROPERTY_INSTANCE_MAP.get().clear()
>
>
> While the difference is certainly stated in the aforementioned posts, I
> believe that it is the cause of confusion in later posts to this list.
>
> Further, if a particular application (like mine) shares a piece of code
> between both contexts - web and non-web - it becomes a bit of a dance to
> satisfy both.
>
> One more note - the web context approach is better encapsulated than its
> counterpart since it operates only on one domain object instead of all of
> them.
>
>
> I propose that the web context approach (domainClassInstance.errors = null)
> should be made to work for both situations.  This should be as simple as
> modifying the following code within DomainClassGrailsPlugin:
>
>           put = { key, val ->
>                def attributes = rch.getRequestAttributes()
>                if (attributes) {
>                    attributes.request.setAttribute(key,val)
>                }
>                else {
>                    // original -> don't do this
>                    //PROPERTY_INSTANCE_MAP.get().put(key,val)
>
>                    // replacement -> handle nulls
>                    def map = PROPERTY_INSTANCE_MAP.get()
>                    if (val) {
>                        map.put(key,val)
>                    } else {
>                        map.remove(key)
>                    }
>                }
>            }
>
> Thoughts?
>
> --
> View this message in context: http://grails.1312388.n4.nabble.com/GORM-Memory-Leak-Suggestion-tp4108624p4108624.html
> Sent from the Grails - user mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>
>



--
Graeme Rocher
Grails Project Lead
SpringSource - A Division of VMware
http://www.springsource.com

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: GORM Memory Leak Suggestion

Steven Grossman
Terrific news!  

I had looked at the source code for DomainClassGrailsPlugin in 2.0 M1 and the code hadn't changed.  Is that simply an oversight or is this a late-breaking development to be included in M2?
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

springsecurity plugin usage problem

Qin Ding
I am using springSecurity plugin.  Seems working but there is a problem I don't know how to fix it.

In my config.groovy, I have the following:
grails.plugins.springsecurity.interceptUrlMap = [
'/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
'/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
'/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
'/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
'/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
]

In my UrlMappings.groovy, I have the following:
static mappings = {
"/login/$action?"(controller: "login")
"/logout/$action?"(controller: "logout")
"/$controller/$action?/$id?"{
constraints {
// apply constraints here
}
}
"/"(view:"/index")
"500"(view:'/error')
}
On my welcome page (/index.gsp), I have a link for login.  When I click the login, the auth.gsp page is shown, I typed an INVALID the username/password, I got a page with message "undefined", and the url is http://localhost:8080/myapplication/j_spring_security_check. Refresh the page, then I got the Sorry, we were not able to find a user with that username and password on the auth.gsp.  

Now I typed an VALID username/password, I got the same "undefined" page which is  http://localhost:8080/myapplication/j_spring_security_check.  Refresh this page, I got the Sorry, we were not able to find a user with that username and password on the auth.gsp.   Remove /j_spring_security_check from http://localhost:8080/myapplication, then I logged in without the problem.

What did I do wrong?  How can I not get /j_spring_security_check?  If I have an invalid id/pwd, directly goes to the login page again with error message; if I have an Valid id/pwd, let me in. 

By the way, my index.gsp serves two purposes, first present some general information and allows the user to login.  The second when the user logged in, there are a menu with different menu items for different roles.  A user with student role will have different menu items than a user with teacher role.  So when a user login by localhost:8080/myapplication, the index.gsp is displayed. After the user logged in,, the index.gsp is shown again with the proper menu presented.

Thank you

Q



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem

Paul B. Hill
Hi,

By any chance do you have a mismatch in the password encoding?

 From
<http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
:

"...version 1.2 of the Spring Security Core plugin...the 'user' domain
class now handles password encryption, so you no longer need to call
springSecurityService.encodePassword() when creating or updating a user
- just create it the normal way, e.g. "new User(username: 'me',
password: 'secret', enabled: true)" and it will get auto-encrypted...."

Also, the last I knew the Spring Security UI plugin had not been updated
to align with this change. Which means it will doubly encode the
password, when using the UI plugin to create new users.

Paul


On 11/25/2011 7:33 PM, Qin Ding wrote:

> I am using springSecurity plugin. Seems working but there is a problem I
> don't know how to fix it.
>
> In my config.groovy, I have the following:
> grails.plugins.springsecurity.interceptUrlMap = [
> '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> ]
>
> In my UrlMappings.groovy, I have the following:
> static mappings = {
> "/login/$action?"(controller: "login")
> "/logout/$action?"(controller: "logout")
> "/$controller/$action?/$id?"{
> constraints {
> // apply constraints here
> }
> }
> "/"(view:"/index")
> "500"(view:'/error')
> }
> On my welcome page (/index.gsp), I have a link for login. When I click
> the login, the auth.gsp page is shown, I typed an INVALID the
> username/password, I got a page with message "undefined", and the url is
> http://localhost:8080/myapplication/j_spring_security_check
> <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> page, then I got the Sorry, we were not able to find a user with that
> username and password on the auth.gsp.
>
> Now I typed an VALID username/password, I got the same "undefined" page
> which is http://localhost:8080/myapplication/j_spring_security_check
> <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> page, I got the Sorry, we were not able to find a user with that
> username and password on the auth.gsp. Remove /j_spring_security_check
> from http://localhost:8080/myapplication, then I logged in without the
> problem.
>
> What did I do wrong? How can I not get /j_spring_security_check? If I
> have an invalid id/pwd, directly goes to the login page again with error
> message; if I have an Valid id/pwd, let me in.
>
> By the way, my index.gsp serves two purposes, first present some general
> information and allows the user to login. The second when the user
> logged in, there are a menu with different menu items for different
> roles. A user with student role will have different menu items than a
> user with teacher role. So when a user login by
> localhost:8080/myapplication, the index.gsp is displayed. After the user
> logged in,, the index.gsp is shown again with the proper menu presented.
>
> Thank you
>
> Q
>
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: springsecurity plugin usage problem

netwiser
Can you please check in your auth.gsp, are you using g:form or <form> ?

You have to use <g:form> to make it work.

> Date: Fri, 25 Nov 2011 20:30:47 -0500

> From: [hidden email]
> To: [hidden email]
> Subject: Re: [grails-user] springsecurity plugin usage problem
>
> Hi,
>
> By any chance do you have a mismatch in the password encoding?
>
> From
> <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
> :
>
> "...version 1.2 of the Spring Security Core plugin...the 'user' domain
> class now handles password encryption, so you no longer need to call
> springSecurityService.encodePassword() when creating or updating a user
> - just create it the normal way, e.g. "new User(username: 'me',
> password: 'secret', enabled: true)" and it will get auto-encrypted...."
>
> Also, the last I knew the Spring Security UI plugin had not been updated
> to align with this change. Which means it will doubly encode the
> password, when using the UI plugin to create new users.
>
> Paul
>
>
> On 11/25/2011 7:33 PM, Qin Ding wrote:
> > I am using springSecurity plugin. Seems working but there is a problem I
> > don't know how to fix it.
> >
> > In my config.groovy, I have the following:
> > grails.plugins.springsecurity.interceptUrlMap = [
> > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> > ]
> >
> > In my UrlMappings.groovy, I have the following:
> > static mappings = {
> > "/login/$action?"(controller: "login")
> > "/logout/$action?"(controller: "logout")
> > "/$controller/$action?/$id?"{
> > constraints {
> > // apply constraints here
> > }
> > }
> > "/"(view:"/index")
> > "500"(view:'/error')
> > }
> > On my welcome page (/index.gsp), I have a link for login. When I click
> > the login, the auth.gsp page is shown, I typed an INVALID the
> > username/password, I got a page with message "undefined", and the url is
> > http://localhost:8080/myapplication/j_spring_security_check
> > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> > page, then I got the Sorry, we were not able to find a user with that
> > username and password on the auth.gsp.
> >
> > Now I typed an VALID username/password, I got the same "undefined" page
> > which is http://localhost:8080/myapplication/j_spring_security_check
> > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> > page, I got the Sorry, we were not able to find a user with that
> > username and password on the auth.gsp. Remove /j_spring_security_check
> > from http://localhost:8080/myapplication, then I logged in without the
> > problem.
> >
> > What did I do wrong? How can I not get /j_spring_security_check? If I
> > have an invalid id/pwd, directly goes to the login page again with error
> > message; if I have an Valid id/pwd, let me in.
> >
> > By the way, my index.gsp serves two purposes, first present some general
> > information and allows the user to login. The second when the user
> > logged in, there are a menu with different menu items for different
> > roles. A user with student role will have different menu items than a
> > user with teacher role. So when a user login by
> > localhost:8080/myapplication, the index.gsp is displayed. After the user
> > logged in,, the index.gsp is shown again with the proper menu presented.
> >
> > Thank you
> >
> > Q
> >
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
> http://xircles.codehaus.org/manage_email
>
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem

Qin Ding
I checked that originally it was <form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</form>

After I changed to <g:form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not loaded any more "Error loading page". There is no error output in the console, though.  So I don't know what cause the error in loading the page.

I don't manually encode the password.

Q


From: James Zhang <[hidden email]>
To: [hidden email]
Sent: Friday, November 25, 2011 9:26 PM
Subject: RE: [grails-user] springsecurity plugin usage problem

Can you please check in your auth.gsp, are you using g:form or <form> ?

You have to use <g:form> to make it work.

> Date: Fri, 25 Nov 2011 20:30:47 -0500

> From: [hidden email]
> To: [hidden email]
> Subject: Re: [grails-user] springsecurity plugin usage problem
>
> Hi,
>
> By any chance do you have a mismatch in the password encoding?
>
> From
> <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
> :
>
> "...version 1.2 of the Spring Security Core plugin...the 'user' domain
> class now handles password encryption, so you no longer need to call
> springSecurityService.encodePassword() when creating or updating a user
> - just create it the normal way, e.g. "new User(username: 'me',
> password: 'secret', enabled: true)" and it will get auto-encrypted...."
>
> Also, the last I knew the Spring Security UI plugin had not been updated
> to align with this change. Which means it will doubly encode the
> password, when using the UI plugin to create new users.
>
> Paul
>
>
> On 11/25/2011 7:33 PM, Qin Ding wrote:
> > I am using springSecurity plugin. Seems working but there is a problem I
> > don't know how to fix it.
> >
> > In my config.groovy, I have the following:
> > grails.plugins.springsecurity.interceptUrlMap = [
> > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> > ]
> >
> > In my UrlMappings.groovy, I have the following:
> > static mappings = {
> > "/login/$action?"(controller: "login")
> > "/logout/$action?"(controller: "logout")
> > "/$controller/$action?/$id?"{
> > constraints {
> > // apply constraints here
> > }
> > }
> > "/"(view:"/index")
> > "500"(view:'/error')
> > }
> > On my welcome page (/index.gsp), I have a link for login. When I click
> > the login, the auth.gsp page is shown, I typed an INVALID the
> > username/password, I got a page with message "undefined", and the url is
> > http://localhost:8080/myapplication/j_spring_security_check
> > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> > page, then I got the Sorry, we were not able to find a user with that
> > username and password on the auth.gsp.
> >
> > Now I typed an VALID username/password, I got the same "undefined" page
> > which is http://localhost:8080/myapplication/j_spring_security_check
> > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> > page, I got the Sorry, we were not able to find a user with that
> > username and password on the auth.gsp. Remove /j_spring_security_check
> > from http://localhost:8080/myapplication, then I logged in without the
> > problem.
> >
> > What did I do wrong? How can I not get /j_spring_security_check? If I
> > have an invalid id/pwd, directly goes to the login page again with error
> > message; if I have an Valid id/pwd, let me in.
> >
> > By the way, my index.gsp serves two purposes, first present some general
> > information and allows the user to login. The second when the user
> > logged in, there are a menu with different menu items for different
> > roles. A user with student role will have different menu items than a
> > user with teacher role. So when a user login by
> > localhost:8080/myapplication, the index.gsp is displayed. After the user
> > logged in,, the index.gsp is shown again with the proper menu presented.
> >
> > Thank you
> >
> > Q
> >
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
> http://xircles.codehaus.org/manage_email
>
>


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem

harjit@teslagovernment.com
What action is it being mapped to  ? I don't see that...

- Harjit
On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:

I checked that originally it was <form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</form>

After I changed to <g:form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not loaded any more "Error loading page". There is no error output in the console, though.  So I don't know what cause the error in loading the page.

I don't manually encode the password.

Q


From: James Zhang <[hidden email]>
To: [hidden email]
Sent: Friday, November 25, 2011 9:26 PM
Subject: RE: [grails-user] springsecurity plugin usage problem

Can you please check in your auth.gsp, are you using g:form or <form> ?

You have to use <g:form> to make it work.

> Date: Fri, 25 Nov 2011 20:30:47 -0500

> From: [hidden email]
> To: [hidden email]
> Subject: Re: [grails-user] springsecurity plugin usage problem
>
> Hi,
>
> By any chance do you have a mismatch in the password encoding?
>
> From
> <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
> :
>
> "...version 1.2 of the Spring Security Core plugin...the 'user' domain
> class now handles password encryption, so you no longer need to call
> springSecurityService.encodePassword() when creating or updating a user
> - just create it the normal way, e.g. "new User(username: 'me',
> password: 'secret', enabled: true)" and it will get auto-encrypted...."
>
> Also, the last I knew the Spring Security UI plugin had not been updated
> to align with this change. Which means it will doubly encode the
> password, when using the UI plugin to create new users.
>
> Paul
>
>
> On 11/25/2011 7:33 PM, Qin Ding wrote:
> > I am using springSecurity plugin. Seems working but there is a problem I
> > don't know how to fix it.
> >
> > In my config.groovy, I have the following:
> > grails.plugins.springsecurity.interceptUrlMap = [
> > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> > ]
> >
> > In my UrlMappings.groovy, I have the following:
> > static mappings = {
> > "/login/$action?"(controller: "login")
> > "/logout/$action?"(controller: "logout")
> > "/$controller/$action?/$id?"{
> > constraints {
> > // apply constraints here
> > }
> > }
> > "/"(view:"/index")
> > "500"(view:'/error')
> > }
> > On my welcome page (/index.gsp), I have a link for login. When I click
> > the login, the auth.gsp page is shown, I typed an INVALID the
> > username/password, I got a page with message "undefined", and the url is
> > http://localhost:8080/myapplication/j_spring_security_check
> > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> > page, then I got the Sorry, we were not able to find a user with that
> > username and password on the auth.gsp.
> >
> > Now I typed an VALID username/password, I got the same "undefined" page
> > which is http://localhost:8080/myapplication/j_spring_security_check
> > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> > page, I got the Sorry, we were not able to find a user with that
> > username and password on the auth.gsp. Remove /j_spring_security_check
> > from http://localhost:8080/myapplication, then I logged in without the
> > problem.
> >
> > What did I do wrong? How can I not get /j_spring_security_check? If I
> > have an invalid id/pwd, directly goes to the login page again with error
> > message; if I have an Valid id/pwd, let me in.
> >
> > By the way, my index.gsp serves two purposes, first present some general
> > information and allows the user to login. The second when the user
> > logged in, there are a menu with different menu items for different
> > roles. A user with student role will have different menu items than a
> > user with teacher role. So when a user login by
> > localhost:8080/myapplication, the index.gsp is displayed. After the user
> > logged in,, the index.gsp is shown again with the proper menu presented.
> >
> > Thank you
> >
> > Q
> >
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
> http://xircles.codehaus.org/manage_email
>
>



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem

burtbeckwith
In reply to this post by netwiser
That's not true. <g:form> renders a <form> but only as a convenience. Everything doable with <g:form> is doable a bit more verbosely with <form>.

Burt

>
> Can you please check in your auth.gsp, are you using g:form or <form> ?
> You have to use <g:form> to make it work.
>
> > Date: Fri, 25 Nov 2011 20:30:47 -0500
> > From: [hidden email]
> > To: [hidden email]
> > Subject: Re: [grails-user] springsecurity plugin usage problem
> >
> > Hi,
> >
> > By any chance do you have a mismatch in the password encoding?
> >
> >  From
> > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
> > :
> >
> > "...version 1.2 of the Spring Security Core plugin...the 'user' domain
> > class now handles password encryption, so you no longer need to call
> > springSecurityService.encodePassword() when creating or updating a user
> > - just create it the normal way, e.g. "new User(username: 'me',
> > password: 'secret', enabled: true)" and it will get auto-encrypted...."
> >
> > Also, the last I knew the Spring Security UI plugin had not been updated
> > to align with this change. Which means it will doubly encode the
> > password, when using the UI plugin to create new users.
> >
> > Paul
> >
> >
> > On 11/25/2011 7:33 PM, Qin Ding wrote:
> > > I am using springSecurity plugin. Seems working but there is a problem I
> > > don't know how to fix it.
> > >
> > > In my config.groovy, I have the following:
> > > grails.plugins.springsecurity.interceptUrlMap = [
> > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> > > ]
> > >
> > > In my UrlMappings.groovy, I have the following:
> > > static mappings = {
> > > "/login/$action?"(controller: "login")
> > > "/logout/$action?"(controller: "logout")
> > > "/$controller/$action?/$id?"{
> > > constraints {
> > > // apply constraints here
> > > }
> > > }
> > > "/"(view:"/index")
> > > "500"(view:'/error')
> > > }
> > > On my welcome page (/index.gsp), I have a link for login. When I click
> > > the login, the auth.gsp page is shown, I typed an INVALID the
> > > username/password, I got a page with message "undefined", and the url is
> > > http://localhost:8080/myapplication/j_spring_security_check
> > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> > > page, then I got the Sorry, we were not able to find a user with that
> > > username and password on the auth.gsp.
> > >
> > > Now I typed an VALID username/password, I got the same "undefined" page
> > > which is http://localhost:8080/myapplication/j_spring_security_check
> > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> > > page, I got the Sorry, we were not able to find a user with that
> > > username and password on the auth.gsp. Remove /j_spring_security_check
> > > from http://localhost:8080/myapplication, then I logged in without the
> > > problem.
> > >
> > > What did I do wrong? How can I not get /j_spring_security_check? If I
> > > have an invalid id/pwd, directly goes to the login page again with error
> > > message; if I have an Valid id/pwd, let me in.
> > >
> > > By the way, my index.gsp serves two purposes, first present some general
> > > information and allows the user to login. The second when the user
> > > logged in, there are a menu with different menu items for different
> > > roles. A user with student role will have different menu items than a
> > > user with teacher role. So when a user login by
> > > localhost:8080/myapplication, the index.gsp is displayed. After the user
> > > logged in,, the index.gsp is shown again with the proper menu presented.
> > >
> > > Thank you
> > >
> > > Q
> > >
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe from this list, please visit:
> >
> >     http://xircles.codehaus.org/manage_email
> >
> >
>      

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem

burtbeckwith
In reply to this post by harjit@teslagovernment.com
It's not an action, it's a uri - the value of the "postUrl" attribute is set in LoginController. By default it's "/j_spring_security_check". This is intercepted by Spring Security to process the authentication.

Burt

> What action is it being mapped to  ? I don't see that...
>
> - Harjit
> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>
> > I checked that originally it was <form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</form>
> >
> > After I changed to <g:form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not loaded any more "Error loading page". There is no error output in the console, though.  So I don't know what cause the error in loading the page.
> >
> > I don't manually encode the password.
> >
> > Q
> >
> > From: James Zhang <[hidden email]>
> > To: [hidden email]
> > Sent: Friday, November 25, 2011 9:26 PM
> > Subject: RE: [grails-user] springsecurity plugin usage problem
> >
> > Can you please check in your auth.gsp, are you using g:form or <form> ?
> >
> > You have to use <g:form> to make it work.
> >
> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
> > > From: [hidden email]
> > > To: [hidden email]
> > > Subject: Re: [grails-user] springsecurity plugin usage problem
> > >
> > > Hi,
> > >
> > > By any chance do you have a mismatch in the password encoding?
> > >
> > > From
> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
> > > :
> > >
> > > "...version 1.2 of the Spring Security Core plugin...the 'user' domain
> > > class now handles password encryption, so you no longer need to call
> > > springSecurityService.encodePassword() when creating or updating a user
> > > - just create it the normal way, e.g. "new User(username: 'me',
> > > password: 'secret', enabled: true)" and it will get auto-encrypted...."
> > >
> > > Also, the last I knew the Spring Security UI plugin had not been updated
> > > to align with this change. Which means it will doubly encode the
> > > password, when using the UI plugin to create new users.
> > >
> > > Paul
> > >
> > >
> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
> > > > I am using springSecurity plugin. Seems working but there is a problem I
> > > > don't know how to fix it.
> > > >
> > > > In my config.groovy, I have the following:
> > > > grails.plugins.springsecurity.interceptUrlMap = [
> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> > > > ]
> > > >
> > > > In my UrlMappings.groovy, I have the following:
> > > > static mappings = {
> > > > "/login/$action?"(controller: "login")
> > > > "/logout/$action?"(controller: "logout")
> > > > "/$controller/$action?/$id?"{
> > > > constraints {
> > > > // apply constraints here
> > > > }
> > > > }
> > > > "/"(view:"/index")
> > > > "500"(view:'/error')
> > > > }
> > > > On my welcome page (/index.gsp), I have a link for login. When I click
> > > > the login, the auth.gsp page is shown, I typed an INVALID the
> > > > username/password, I got a page with message "undefined", and the url is
> > > > http://localhost:8080/myapplication/j_spring_security_check
> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> > > > page, then I got the Sorry, we were not able to find a user with that
> > > > username and password on the auth.gsp.
> > > >
> > > > Now I typed an VALID username/password, I got the same "undefined" page
> > > > which is http://localhost:8080/myapplication/j_spring_security_check
> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> > > > page, I got the Sorry, we were not able to find a user with that
> > > > username and password on the auth.gsp. Remove /j_spring_security_check
> > > > from http://localhost:8080/myapplication, then I logged in without the
> > > > problem.
> > > >
> > > > What did I do wrong? How can I not get /j_spring_security_check? If I
> > > > have an invalid id/pwd, directly goes to the login page again with error
> > > > message; if I have an Valid id/pwd, let me in.
> > > >
> > > > By the way, my index.gsp serves two purposes, first present some general
> > > > information and allows the user to login. The second when the user
> > > > logged in, there are a menu with different menu items for different
> > > > roles. A user with student role will have different menu items than a
> > > > user with teacher role. So when a user login by
> > > > localhost:8080/myapplication, the index.gsp is displayed. After the user
> > > > logged in,, the index.gsp is shown again with the proper menu presented.
> > > >
> > > > Thank you
> > > >
> > > > Q
> > > >
> > > >
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe from this list, please visit:
> > >
> > > http://xircles.codehaus.org/manage_email
> > >
> > >
> >
> >
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem

Qin Ding
Is there a way I can do in order to debug through this?  Simply set a breakpoint on the loginController did not reveal anything. Set the log4j debug on springsecurity generated too much information for me to see anything related to this problem.

Q


From: Burt Beckwith <[hidden email]>
To: [hidden email]
Sent: Saturday, November 26, 2011 3:36 PM
Subject: Re: [grails-user] springsecurity plugin usage problem

It's not an action, it's a uri - the value of the "postUrl" attribute is set in LoginController. By default it's "/j_spring_security_check". This is intercepted by Spring Security to process the authentication.

Burt

> What action is it being mapped to  ? I don't see that...
>
> - Harjit
> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>
> > I checked that originally it was <form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</form>
> >
> > After I changed to <g:form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not loaded any more "Error loading page". There is no error output in the console, though.  So I don't know what cause the error in loading the page.
> >
> > I don't manually encode the password.
> >
> > Q
> >
> > From: James Zhang <[hidden email]>
> > To: [hidden email]
> > Sent: Friday, November 25, 2011 9:26 PM
> > Subject: RE: [grails-user] springsecurity plugin usage problem
> >
> > Can you please check in your auth.gsp, are you using g:form or <form> ?
> >
> > You have to use <g:form> to make it work.
> >
> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
> > > From: [hidden email]
> > > To: [hidden email]
> > > Subject: Re: [grails-user] springsecurity plugin usage problem
> > >
> > > Hi,
> > >
> > > By any chance do you have a mismatch in the password encoding?
> > >
> > > From
> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
> > > :
> > >
> > > "...version 1.2 of the Spring Security Core plugin...the 'user' domain
> > > class now handles password encryption, so you no longer need to call
> > > springSecurityService.encodePassword() when creating or updating a user
> > > - just create it the normal way, e.g. "new User(username: 'me',
> > > password: 'secret', enabled: true)" and it will get auto-encrypted...."
> > >
> > > Also, the last I knew the Spring Security UI plugin had not been updated
> > > to align with this change. Which means it will doubly encode the
> > > password, when using the UI plugin to create new users.
> > >
> > > Paul
> > >
> > >
> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
> > > > I am using springSecurity plugin. Seems working but there is a problem I
> > > > don't know how to fix it.
> > > >
> > > > In my config.groovy, I have the following:
> > > > grails.plugins.springsecurity.interceptUrlMap = [
> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> > > > ]
> > > >
> > > > In my UrlMappings.groovy, I have the following:
> > > > static mappings = {
> > > > "/login/$action?"(controller: "login")
> > > > "/logout/$action?"(controller: "logout")
> > > > "/$controller/$action?/$id?"{
> > > > constraints {
> > > > // apply constraints here
> > > > }
> > > > }
> > > > "/"(view:"/index")
> > > > "500"(view:'/error')
> > > > }
> > > > On my welcome page (/index.gsp), I have a link for login. When I click
> > > > the login, the auth.gsp page is shown, I typed an INVALID the
> > > > username/password, I got a page with message "undefined", and the url is
> > > > http://localhost:8080/myapplication/j_spring_security_check
> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> > > > page, then I got the Sorry, we were not able to find a user with that
> > > > username and password on the auth.gsp.
> > > >
> > > > Now I typed an VALID username/password, I got the same "undefined" page
> > > > which is http://localhost:8080/myapplication/j_spring_security_check
> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> > > > page, I got the Sorry, we were not able to find a user with that
> > > > username and password on the auth.gsp. Remove /j_spring_security_check
> > > > from http://localhost:8080/myapplication, then I logged in without the
> > > > problem.
> > > >
> > > > What did I do wrong? How can I not get /j_spring_security_check? If I
> > > > have an invalid id/pwd, directly goes to the login page again with error
> > > > message; if I have an Valid id/pwd, let me in.
> > > >
> > > > By the way, my index.gsp serves two purposes, first present some general
> > > > information and allows the user to login. The second when the user
> > > > logged in, there are a menu with different menu items for different
> > > > roles. A user with student role will have different menu items than a
> > > > user with teacher role. So when a user login by
> > > > localhost:8080/myapplication, the index.gsp is displayed. After the user
> > > > logged in,, the index.gsp is shown again with the proper menu presented.
> > > >
> > > > Thank you
> > > >
> > > > Q
> > > >
> > > >
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe from this list, please visit:
> > >
> > > http://xircles.codehaus.org/manage_email
> > >
> > >
> >
> >
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email




Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: GORM Memory Leak Suggestion

Graeme Rocher-4
Administrator
In reply to this post by Steven Grossman
On Fri, Nov 25, 2011 at 9:18 PM, sgrossman <[hidden email]> wrote:
> Terrific news!
>
> I had looked at the source code for DomainClassGrailsPlugin in 2.0 M1 and
> the code hadn't changed.  Is that simply an oversight or is this a
> late-breaking development to be included in M2?

The code now looks like this:

            if (!isEnhanced) {
                if (!dc.abstract) {
                    metaClass.constructor = { ->
                        getDomainInstance domainClass, ctx
                    }
                }
                metaClass.ident = {-> delegate[domainClass.identifier.name] }
                metaClass.static.create = { ->
                    getDomainInstance domainClass, ctx
                }
                addValidationMethods(application, domainClass, ctx)
            }


You'll notice the !isEnhanced call.

This means the code is only executed if the class is not compile time
enhanced, which could only  happen for dynamically compiled objects.
So basically the code is only there for backwards compatibility with
certain plugins like the dynamic domain class plugin etc.

Cheers

>
> --
> View this message in context: http://grails.1312388.n4.nabble.com/GORM-Memory-Leak-Suggestion-tp4108624p4108742.html
> Sent from the Grails - user mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>
>



--
Graeme Rocher
Grails Project Lead
SpringSource - A Division of VMware
http://www.springsource.com

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem still not solved

Qin Ding
In reply to this post by Qin Ding
I still can't figure out why the springsecurity plugin does not work in my application with jquery mobile.  I created a new project with security plugin only, then it works fine.  After I added Jquery Mobile plugin, then the login does not work any more.

Both plugins are important to the application.  Does anyone know how to fix this?  

Jquery lib is in the layout file.  So, the auth.gsp using this layout.  Now, I remove the meta tag reference the layout in the auth.gsp.  So, in the first index.gsp, which is decorated by the Jquery mobile, I clicked the login,  the auth.gsp is displayed as if it still has the JQuery's css; but when I view the page source, it shows NO Jquery. I have to refresh the auth.gsp page second time before I login, then it works.  I don't know why I have to manually refresh the page twice before it works.

If someone knows how to fix this or have some ideas how to fix, please let me know.  I am stuck here.  Thank you.

Q


From: Qin Ding <[hidden email]>
To: "[hidden email]" <[hidden email]>
Sent: Saturday, November 26, 2011 5:11 PM
Subject: Re: [grails-user] springsecurity plugin usage problem

Is there a way I can do in order to debug through this?  Simply set a breakpoint on the loginController did not reveal anything. Set the log4j debug on springsecurity generated too much information for me to see anything related to this problem.

Q


From: Burt Beckwith <[hidden email]>
To: [hidden email]
Sent: Saturday, November 26, 2011 3:36 PM
Subject: Re: [grails-user] springsecurity plugin usage problem

It's not an action, it's a uri - the value of the "postUrl" attribute is set in LoginController. By default it's "/j_spring_security_check". This is intercepted by Spring Security to process the authentication.

Burt

> What action is it being mapped to  ? I don't see that...
>
> - Harjit
> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>
> > I checked that originally it was <form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</form>
> >
> > After I changed to <g:form action='${postUrl}' method='POST' id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not loaded any more "Error loading page". There is no error output in the console, though.  So I don't know what cause the error in loading the page.
> >
> > I don't manually encode the password.
> >
> > Q
> >
> > From: James Zhang <[hidden email]>
> > To: [hidden email]
> > Sent: Friday, November 25, 2011 9:26 PM
> > Subject: RE: [grails-user] springsecurity plugin usage problem
> >
> > Can you please check in your auth.gsp, are you using g:form or <form> ?
> >
> > You have to use <g:form> to make it work.
> >
> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
> > > From: [hidden email]
> > > To: [hidden email]
> > > Subject: Re: [grails-user] springsecurity plugin usage problem
> > >
> > > Hi,
> > >
> > > By any chance do you have a mismatch in the password encoding?
> > >
> > > From
> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
> > > :
> > >
> > > "...version 1.2 of the Spring Security Core plugin...the 'user' domain
> > > class now handles password encryption, so you no longer need to call
> > > springSecurityService.encodePassword() when creating or updating a user
> > > - just create it the normal way, e.g. "new User(username: 'me',
> > > password: 'secret', enabled: true)" and it will get auto-encrypted...."
> > >
> > > Also, the last I knew the Spring Security UI plugin had not been updated
> > > to align with this change. Which means it will doubly encode the
> > > password, when using the UI plugin to create new users.
> > >
> > > Paul
> > >
> > >
> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
> > > > I am using springSecurity plugin. Seems working but there is a problem I
> > > > don't know how to fix it.
> > > >
> > > > In my config.groovy, I have the following:
> > > > grails.plugins.springsecurity.interceptUrlMap = [
> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT', 'ROLE_ADMIN'],
> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER', 'ROLE_ADMIN'],
> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> > > > ]
> > > >
> > > > In my UrlMappings.groovy, I have the following:
> > > > static mappings = {
> > > > "/login/$action?"(controller: "login")
> > > > "/logout/$action?"(controller: "logout")
> > > > "/$controller/$action?/$id?"{
> > > > constraints {
> > > > // apply constraints here
> > > > }
> > > > }
> > > > "/"(view:"/index")
> > > > "500"(view:'/error')
> > > > }
> > > > On my welcome page (/index.gsp), I have a link for login. When I click
> > > > the login, the auth.gsp page is shown, I typed an INVALID the
> > > > username/password, I got a page with message "undefined", and the url is
> > > > http://localhost:8080/myapplication/j_spring_security_check
> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh the
> > > > page, then I got the Sorry, we were not able to find a user with that
> > > > username and password on the auth.gsp.
> > > >
> > > > Now I typed an VALID username/password, I got the same "undefined" page
> > > > which is http://localhost:8080/myapplication/j_spring_security_check
> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh this
> > > > page, I got the Sorry, we were not able to find a user with that
> > > > username and password on the auth.gsp. Remove /j_spring_security_check
> > > > from http://localhost:8080/myapplication, then I logged in without the
> > > > problem.
> > > >
> > > > What did I do wrong? How can I not get /j_spring_security_check? If I
> > > > have an invalid id/pwd, directly goes to the login page again with error
> > > > message; if I have an Valid id/pwd, let me in.
> > > >
> > > > By the way, my index.gsp serves two purposes, first present some general
> > > > information and allows the user to login. The second when the user
> > > > logged in, there are a menu with different menu items for different
> > > > roles. A user with student role will have different menu items than a
> > > > user with teacher role. So when a user login by
> > > > localhost:8080/myapplication, the index.gsp is displayed. After the user
> > > > logged in,, the index.gsp is shown again with the proper menu presented.
> > > >
> > > > Thank you
> > > >
> > > > Q
> > > >
> > > >
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe from this list, please visit:
> > >
> > > http://xircles.codehaus.org/manage_email
> > >
> > >
> >
> >
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email






Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: springsecurity plugin usage problem still not solved

paolo.foletto
hi, I suggest to change the subject of the request in a more specific way
related to the combination of springsecurity and mobile.css
if you put an example of an application to replicate the problem
may be that can be easier give an hand.
Paolo

2011/12/3 Qin Ding <[hidden email]>:

> I still can't figure out why the springsecurity plugin does not work in my
> application with jquery mobile.  I created a new project with security
> plugin only, then it works fine.  After I added Jquery Mobile plugin, then
> the login does not work any more.
>
> Both plugins are important to the application.  Does anyone know how to fix
> this?
>
> Jquery lib is in the layout file.  So, the auth.gsp using this layout.  Now,
> I remove the meta tag reference the layout in the auth.gsp.  So, in the
> first index.gsp, which is decorated by the Jquery mobile, I clicked the
> login,  the auth.gsp is displayed as if it still has the JQuery's css; but
> when I view the page source, it shows NO Jquery. I have to refresh the
> auth.gsp page second time before I login, then it works.  I don't know why I
> have to manually refresh the page twice before it works.
>
> If someone knows how to fix this or have some ideas how to fix, please let
> me know.  I am stuck here.  Thank you.
>
> Q
>
> ________________________________
> From: Qin Ding <[hidden email]>
> To: "[hidden email]" <[hidden email]>
> Sent: Saturday, November 26, 2011 5:11 PM
> Subject: Re: [grails-user] springsecurity plugin usage problem
>
> Is there a way I can do in order to debug through this?  Simply set a
> breakpoint on the loginController did not reveal anything. Set the log4j
> debug on springsecurity generated too much information for me to see
> anything related to this problem.
>
> Q
>
> ________________________________
> From: Burt Beckwith <[hidden email]>
> To: [hidden email]
> Sent: Saturday, November 26, 2011 3:36 PM
> Subject: Re: [grails-user] springsecurity plugin usage problem
>
> It's not an action, it's a uri - the value of the "postUrl" attribute is set
> in LoginController. By default it's "/j_spring_security_check". This is
> intercepted by Spring Security to process the authentication.
>
> Burt
>
>> What action is it being mapped to  ? I don't see that...
>>
>> - Harjit
>> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>>
>> > I checked that originally it was <form action='${postUrl}' method='POST'
>> > id='loginForm' class='cssform'>...</form>
>> >
>> > After I changed to <g:form action='${postUrl}' method='POST'
>> > id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not loaded any
>> > more "Error loading page". There is no error output in the console, though.
>> > So I don't know what cause the error in loading the page.
>> >
>> > I don't manually encode the password.
>> >
>> > Q
>> >
>> > From: James Zhang <[hidden email]>
>> > To: [hidden email]
>> > Sent: Friday, November 25, 2011 9:26 PM
>> > Subject: RE: [grails-user] springsecurity plugin usage problem
>> >
>> > Can you please check in your auth.gsp, are you using g:form or <form> ?
>> >
>> > You have to use <g:form> to make it work.
>> >
>> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
>> > > From: [hidden email]
>> > > To: [hidden email]
>> > > Subject: Re: [grails-user] springsecurity plugin usage problem
>> > >
>> > > Hi,
>> > >
>> > > By any chance do you have a mismatch in the password encoding?
>> > >
>> > > From
>> > >
>> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
>> > > :
>> > >
>> > > "...version 1.2 of the Spring Security Core plugin...the 'user' domain
>> > > class now handles password encryption, so you no longer need to call
>> > > springSecurityService.encodePassword() when creating or updating a
>> > > user
>> > > - just create it the normal way, e.g. "new User(username: 'me',
>> > > password: 'secret', enabled: true)" and it will get
>> > > auto-encrypted...."
>> > >
>> > > Also, the last I knew the Spring Security UI plugin had not been
>> > > updated
>> > > to align with this change. Which means it will doubly encode the
>> > > password, when using the UI plugin to create new users.
>> > >
>> > > Paul
>> > >
>> > >
>> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
>> > > > I am using springSecurity plugin. Seems working but there is a
>> > > > problem I
>> > > > don't know how to fix it.
>> > > >
>> > > > In my config.groovy, I have the following:
>> > > > grails.plugins.springsecurity.interceptUrlMap = [
>> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT',
>> > > > 'ROLE_ADMIN'],
>> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER',
>> > > > 'ROLE_ADMIN'],
>> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
>> > > > ]
>> > > >
>> > > > In my UrlMappings.groovy, I have the following:
>> > > > static mappings = {
>> > > > "/login/$action?"(controller: "login")
>> > > > "/logout/$action?"(controller: "logout")
>> > > > "/$controller/$action?/$id?"{
>> > > > constraints {
>> > > > // apply constraints here
>> > > > }
>> > > > }
>> > > > "/"(view:"/index")
>> > > > "500"(view:'/error')
>> > > > }
>> > > > On my welcome page (/index.gsp), I have a link for login. When I
>> > > > click
>> > > > the login, the auth.gsp page is shown, I typed an INVALID the
>> > > > username/password, I got a page with message "undefined", and the
>> > > > url is
>> > > > http://localhost:8080/myapplication/j_spring_security_check
>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>> > > > the
>> > > > page, then I got the Sorry, we were not able to find a user with
>> > > > that
>> > > > username and password on the auth.gsp.
>> > > >
>> > > > Now I typed an VALID username/password, I got the same "undefined"
>> > > > page
>> > > > which is http://localhost:8080/myapplication/j_spring_security_check
>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>> > > > this
>> > > > page, I got the Sorry, we were not able to find a user with that
>> > > > username and password on the auth.gsp. Remove
>> > > > /j_spring_security_check
>> > > > from http://localhost:8080/myapplication, then I logged in without
>> > > > the
>> > > > problem.
>> > > >
>> > > > What did I do wrong? How can I not get /j_spring_security_check? If
>> > > > I
>> > > > have an invalid id/pwd, directly goes to the login page again with
>> > > > error
>> > > > message; if I have an Valid id/pwd, let me in.
>> > > >
>> > > > By the way, my index.gsp serves two purposes, first present some
>> > > > general
>> > > > information and allows the user to login. The second when the user
>> > > > logged in, there are a menu with different menu items for different
>> > > > roles. A user with student role will have different menu items than
>> > > > a
>> > > > user with teacher role. So when a user login by
>> > > > localhost:8080/myapplication, the index.gsp is displayed. After the
>> > > > user
>> > > > logged in,, the index.gsp is shown again with the proper menu
>> > > > presented.
>> > > >
>> > > > Thank you
>> > > >
>> > > > Q
>> > > >
>> > > >
>> > > >
>> > >
>> > > ---------------------------------------------------------------------
>> > > To unsubscribe from this list, please visit:
>> > >
>> > > http://xircles.codehaus.org/manage_email
>> > >
>> > >
>> >
>> >
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>     http://xircles.codehaus.org/manage_email
>
>
>
>
>
>



--
Studio Ingegneria dell'Informazione
via Marconi,1 35040 Carceri (PD)
cell 335 615 23 53
http://it.linkedin.com/in/paolofoletto
Posta Elettronica Certificata paolo.foletto[at]ingpec.eu

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Problem of combination of Springsecurity and JQuery,Mobile

Qin Ding
Grails 1.3.7
spring-security-core-1.2.4:
jquery:-1.6.1.1
jquery-mobile-1.0

I have problems using both springsecurity plugin and Jquery plugin together.  The problems is that I will get the "undefined page" with "j_spring_security_check" in the input box, no matter whether you present the correct credentials or not.  You then have to manually remove the "j_spring_security_check" from the input before you will get the targeted page or error message depending whether you the credential is correct.

To reproduce the problem, this is what you do:

1. create a brand new grails project and config the database;
2. install the spring security core plugin;  and you verify that everything should work.  If you type in the wrong credential, you see the error message in auth.gsp. If you have the right credential, you should see the next page.  Also I verified that the login user's role, it is all good.
3.  Now you install the Jquery plugin.  In my main.gsp in layout folder, I have the following:
<title><g:layoutTitle default="app.title" /></title>
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" type="text/css" href="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.css" />
        <link rel="stylesheet" type="text/css" href="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.css" />
        <link rel="stylesheet" href="${resource(dir:'css',file:'main.css')}" type="text/css" media="all"/>
        <script type="text/javascript" src="http://code.jquery.com/jquery-1.6.4.min.js"></script>
        <script type="text/javascript" src="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.js"></script>
       
        <script type="text/javascript" src="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.js"></script>
        <script type="text/javascript" src="http://dev.jtsage.com/cdn/datebox/i8n/jquery.mobile.datebox.i8n.en.js"></script>
        <link rel="shortcut icon" href="${resource(dir:'images',file:'favicon.ico')}" type="image/x-icon" />

4.  In my index.gsp:
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <meta name="layout" content="main" />
    </head>
    <body>
       
        <div data-role="page" data-title="Home">
            <div data-role="header" data-nobackbtn="true" data-position="fixed" data-inset="true" data-theme="b">
                <sec:ifLoggedIn>
                    <h1><sec:loggedInUserInfo field="fullName"></sec:loggedInUserInfo></h1>
                     <g:link controller="logout" data-icon="minus" class="ui-btn-right"><g:message code="signout"/></g:link>
                  </sec:ifLoggedIn>
                <sec:ifNotLoggedIn>
                    <h1><g:message code="default.home.label" /></h1>
                    <g:link controller="login" action="auth" data-icon="check" class="ui-btn-right">
                        <g:message code="login" />
                    </g:link>
                </sec:ifNotLoggedIn>
            </div>
           
            <div data-role="content">
                <sec:ifNotLoggedIn>
                    <h1>Welcome</h1>
                    <p>Welcome</p>
                </sec:ifNotLoggedIn>               
                <sec:ifAllGranted roles="ROLE_ADMIN">
                   
<p>Welcome you as an admin.</p>
                </sec:ifAllGranted>
               
                <sec:ifAllGranted roles="ROLE_TEACHER">
                   
<p>Welcome you as a teacher.</p>
                </sec:ifAllGranted>

                <sec:ifAllGranted roles="ROLE_STUDENT">
                   
<p>Welcome you as a student.</p>
                </sec:ifAllGranted>
            </div>
        </div>
5. In my Urlmappings.groovy:
    static mappings = {
        "/login/$action?"(controller: "login")
        "/logout/$action?"(controller: "logout")
        "/$controller/$action?/$id?"{
            constraints {
                // apply constraints here
            }
        }

        "/"(view:"/index")
        "500"(view:'/error')
    }

6. in my Config.groovy:
grails.plugins.springsecurity.interceptUrlMap = [
    '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_TEACHER', 'ROLE_ADMIN'],
    '/student/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_STUDENT', 'ROLE_TEACHER', 'ROLE_ADMIN'],
   
'/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']   
]

7.  run the application. You will see Welcome and a button for login.  Click the button, you're challenged with auth.gsp.  Now, type in the right credential, you will get a page with word "undefined". In the url input you see "http://localhost:8080/myapp/j_spring_security_check". Now, you manually remove the j_spring_security_check, and then press the enter key, you will get index.gsp with welcome you as an admin, or welcome you as a teacher, or welcome you as a student, depending on your credential's role.  The problem is that you won't get the index.gsp unless you remove the j_spring_security_check and then press the enter.  The same for wrong credential.  You won't see the error msg unless you remove the j_spring_security_check and press the enter again.

6. now you completely remove the jquery and mobile js and css from the application. Now login works again.

I heard that the grails will have jquery as defult in version 2.0.  So, the springSecurityCore plugin has to live together with jquery.  And Jquery (mobile) is important to this application, so as springsecurity core plugin.  I am sure someone must use the combination of the two together.  I need to know if you experience the same problem. If you do, would you please share with me how you fix the problem.  If you don't have the problem, would you please let me know the version of grails, security plugin, jquery mobile...you used.  I seem stuck here.

Thank you very much.

Q




From: paolo foletto <[hidden email]>
To: [hidden email]
Sent: Saturday, December 3, 2011 3:35 AM
Subject: Re: [grails-user] springsecurity plugin usage problem still not solved

hi, I suggest to change the subject of the request in a more specific way
related to the combination of springsecurity and mobile.css
if you put an example of an application to replicate the problem
may be that can be easier give an hand.
Paolo

2011/12/3 Qin Ding <[hidden email]>:

> I still can't figure out why the springsecurity plugin does not work in my
> application with jquery mobile.  I created a new project with security
> plugin only, then it works fine.  After I added Jquery Mobile plugin, then
> the login does not work any more.
>
> Both plugins are important to the application.  Does anyone know how to fix
> this?
>
> Jquery lib is in the layout file.  So, the auth.gsp using this layout.  Now,
> I remove the meta tag reference the layout in the auth.gsp.  So, in the
> first index.gsp, which is decorated by the Jquery mobile, I clicked the
> login,  the auth.gsp is displayed as if it still has the JQuery's css; but
> when I view the page source, it shows NO Jquery. I have to refresh the
> auth.gsp page second time before I login, then it works.  I don't know why I
> have to manually refresh the page twice before it works.
>
> If someone knows how to fix this or have some ideas how to fix, please let
> me know.  I am stuck here.  Thank you.
>
> Q
>
> ________________________________
> From: Qin Ding <[hidden email]>
> To: "[hidden email]" <[hidden email]>
> Sent: Saturday, November 26, 2011 5:11 PM
> Subject: Re: [grails-user] springsecurity plugin usage problem
>
> Is there a way I can do in order to debug through this?  Simply set a
> breakpoint on the loginController did not reveal anything. Set the log4j
> debug on springsecurity generated too much information for me to see
> anything related to this problem.
>
> Q
>
> ________________________________
> From: Burt Beckwith <[hidden email]>
> To: [hidden email]
> Sent: Saturday, November 26, 2011 3:36 PM
> Subject: Re: [grails-user] springsecurity plugin usage problem
>
> It's not an action, it's a uri - the value of the "postUrl" attribute is set
> in LoginController. By default it's "/j_spring_security_check". This is
> intercepted by Spring Security to process the authentication.
>
> Burt
>
>> What action is it being mapped to  ? I don't see that...
>>
>> - Harjit
>> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>>
>> > I checked that originally it was <form action='${postUrl}' method='POST'
>> > id='loginForm' class='cssform'>...</form>
>> >
>> > After I changed to <g:form action='${postUrl}' method='POST'
>> > id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not loaded any
>> > more "Error loading page". There is no error output in the console, though.
>> > So I don't know what cause the error in loading the page.
>> >
>> > I don't manually encode the password.
>> >
>> > Q
>> >
>> > From: James Zhang <[hidden email]>
>> > To: [hidden email]
>> > Sent: Friday, November 25, 2011 9:26 PM
>> > Subject: RE: [grails-user] springsecurity plugin usage problem
>> >
>> > Can you please check in your auth.gsp, are you using g:form or <form> ?
>> >
>> > You have to use <g:form> to make it work.
>> >
>> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
>> > > From: [hidden email]
>> > > To: [hidden email]
>> > > Subject: Re: [grails-user] springsecurity plugin usage problem
>> > >
>> > > Hi,
>> > >
>> > > By any chance do you have a mismatch in the password encoding?
>> > >
>> > > From
>> > >
>> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
>> > > :
>> > >
>> > > "...version 1.2 of the Spring Security Core plugin...the 'user' domain
>> > > class now handles password encryption, so you no longer need to call
>> > > springSecurityService.encodePassword() when creating or updating a
>> > > user
>> > > - just create it the normal way, e.g. "new User(username: 'me',
>> > > password: 'secret', enabled: true)" and it will get
>> > > auto-encrypted...."
>> > >
>> > > Also, the last I knew the Spring Security UI plugin had not been
>> > > updated
>> > > to align with this change. Which means it will doubly encode the
>> > > password, when using the UI plugin to create new users.
>> > >
>> > > Paul
>> > >
>> > >
>> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
>> > > > I am using springSecurity plugin. Seems working but there is a
>> > > > problem I
>> > > > don't know how to fix it.
>> > > >
>> > > > In my config.groovy, I have the following:
>> > > > grails.plugins.springsecurity.interceptUrlMap = [
>> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT',
>> > > > 'ROLE_ADMIN'],
>> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER',
>> > > > 'ROLE_ADMIN'],
>> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
>> > > > ]
>> > > >
>> > > > In my UrlMappings.groovy, I have the following:
>> > > > static mappings = {
>> > > > "/login/$action?"(controller: "login")
>> > > > "/logout/$action?"(controller: "logout")
>> > > > "/$controller/$action?/$id?"{
>> > > > constraints {
>> > > > // apply constraints here
>> > > > }
>> > > > }
>> > > > "/"(view:"/index")
>> > > > "500"(view:'/error')
>> > > > }
>> > > > On my welcome page (/index.gsp), I have a link for login. When I
>> > > > click
>> > > > the login, the auth.gsp page is shown, I typed an INVALID the
>> > > > username/password, I got a page with message "undefined", and the
>> > > > url is
>> > > > http://localhost:8080/myapplication/j_spring_security_check
>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>> > > > the
>> > > > page, then I got the Sorry, we were not able to find a user with
>> > > > that
>> > > > username and password on the auth.gsp.
>> > > >
>> > > > Now I typed an VALID username/password, I got the same "undefined"
>> > > > page
>> > > > which is http://localhost:8080/myapplication/j_spring_security_check
>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>> > > > this
>> > > > page, I got the Sorry, we were not able to find a user with that
>> > > > username and password on the auth.gsp. Remove
>> > > > /j_spring_security_check
>> > > > from http://localhost:8080/myapplication, then I logged in without
>> > > > the
>> > > > problem.
>> > > >
>> > > > What did I do wrong? How can I not get /j_spring_security_check? If
>> > > > I
>> > > > have an invalid id/pwd, directly goes to the login page again with
>> > > > error
>> > > > message; if I have an Valid id/pwd, let me in.
>> > > >
>> > > > By the way, my index.gsp serves two purposes, first present some
>> > > > general
>> > > > information and allows the user to login. The second when the user
>> > > > logged in, there are a menu with different menu items for different
>> > > > roles. A user with student role will have different menu items than
>> > > > a
>> > > > user with teacher role. So when a user login by
>> > > > localhost:8080/myapplication, the index.gsp is displayed. After the
>> > > > user
>> > > > logged in,, the index.gsp is shown again with the proper menu
>> > > > presented.
>> > > >
>> > > > Thank you
>> > > >
>> > > > Q
>> > > >
>> > > >
>> > > >
>> > >
>> > > ---------------------------------------------------------------------
>> > > To unsubscribe from this list, please visit:
>> > >
>> > > http://xircles.codehaus.org/manage_email
>> > >
>> > >
>> >
>> >
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>     http://xircles.codehaus.org/manage_email
>
>
>
>
>
>



--
Studio Ingegneria dell'Informazione
via Marconi,1 35040 Carceri (PD)
cell 335 615 23 53
http://it.linkedin.com/in/paolofoletto
Posta Elettronica Certificata paolo.foletto[at]ingpec.eu

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email




Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem of combination of Springsecurity and JQuery,Mobile

paolo.foletto
please, can you send an application to replicate your situation?
I create an application
Grails 1.3.7
spring-security-core-1.2.6
jquery 1.7
jquery-mobile 1.0.3

I add in the bootstrap 3 roles
I create an Home controller and the application works after
installing the plugin jquery
I confirm that Grails 2.0.0 is using jquery and jquery-mobile as default
Paolo

2011/12/3 Qin Ding <[hidden email]>:

> Grails 1.3.7
> spring-security-core-1.2.4:
> jquery:-1.6.1.1
> jquery-mobile-1.0
>
> I have problems using both springsecurity plugin and Jquery plugin
> together.  The problems is that I will get the "undefined page" with
> "j_spring_security_check" in the input box, no matter whether you present
> the correct credentials or not.  You then have to manually remove the
> "j_spring_security_check" from the input before you will get the targeted
> page or error message depending whether you the credential is correct.
>
> To reproduce the problem, this is what you do:
>
> 1. create a brand new grails project and config the database;
> 2. install the spring security core plugin;  and you verify that everything
> should work.  If you type in the wrong credential, you see the error message
> in auth.gsp. If you have the right credential, you should see the next
> page.  Also I verified that the login user's role, it is all good.
> 3.  Now you install the Jquery plugin.  In my main.gsp in layout folder, I
> have the following:
> <title><g:layoutTitle default="app.title" /></title>
>         <meta name="viewport" content="width=device-width, initial-scale=1">
>         <link rel="stylesheet" type="text/css"
> href="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.css" />
>         <link rel="stylesheet" type="text/css"
> href="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.css"
> />
>         <link rel="stylesheet" href="${resource(dir:'css',file:'main.css')}"
> type="text/css" media="all"/>
>         <script type="text/javascript"
> src="http://code.jquery.com/jquery-1.6.4.min.js"></script>
>         <script type="text/javascript"
> src="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.js"></script>
>
>         <script type="text/javascript"
> src="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.js"></script>
>         <script type="text/javascript"
> src="http://dev.jtsage.com/cdn/datebox/i8n/jquery.mobile.datebox.i8n.en.js"></script>
>         <link rel="shortcut icon"
> href="${resource(dir:'images',file:'favicon.ico')}" type="image/x-icon" />
>
> 4.  In my index.gsp:
>     <head>
>         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
> />
>         <meta name="layout" content="main" />
>     </head>
>     <body>
>
>         <div data-role="page" data-title="Home">
>             <div data-role="header" data-nobackbtn="true"
> data-position="fixed" data-inset="true" data-theme="b">
>                 <sec:ifLoggedIn>
>                     <h1><sec:loggedInUserInfo
> field="fullName"></sec:loggedInUserInfo></h1>
>                      <g:link controller="logout" data-icon="minus"
> class="ui-btn-right"><g:message code="signout"/></g:link>
>                   </sec:ifLoggedIn>
>                 <sec:ifNotLoggedIn>
>                     <h1><g:message code="default.home.label" /></h1>
>                     <g:link controller="login" action="auth"
> data-icon="check" class="ui-btn-right">
>                         <g:message code="login" />
>                     </g:link>
>                 </sec:ifNotLoggedIn>
>             </div>
>
>             <div data-role="content">
>                 <sec:ifNotLoggedIn>
>                     <h1>Welcome</h1>
>                     <p>Welcome</p>
>                 </sec:ifNotLoggedIn>
>                 <sec:ifAllGranted roles="ROLE_ADMIN">
>                     <p>Welcome you as an admin.</p>
>                 </sec:ifAllGranted>
>
>                 <sec:ifAllGranted roles="ROLE_TEACHER">
>                     <p>Welcome you as a teacher.</p>
>                 </sec:ifAllGranted>
>
>                 <sec:ifAllGranted roles="ROLE_STUDENT">
>                     <p>Welcome you as a student.</p>
>                 </sec:ifAllGranted>
>             </div>
>         </div>
> 5. In my Urlmappings.groovy:
>     static mappings = {
>         "/login/$action?"(controller: "login")
>         "/logout/$action?"(controller: "logout")
>         "/$controller/$action?/$id?"{
>             constraints {
>                 // apply constraints here
>             }
>         }
>
>         "/"(view:"/index")
>         "500"(view:'/error')
>     }
>
> 6. in my Config.groovy:
> grails.plugins.springsecurity.interceptUrlMap = [
>     '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_TEACHER',
> 'ROLE_ADMIN'],
>     '/student/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_STUDENT',
> 'ROLE_TEACHER', 'ROLE_ADMIN'],
>     '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> ]
>
> 7.  run the application. You will see Welcome and a button for login.  Click
> the button, you're challenged with auth.gsp.  Now, type in the right
> credential, you will get a page with word "undefined". In the url input you
> see "http://localhost:8080/myapp/j_spring_security_check". Now, you manually
> remove the j_spring_security_check, and then press the enter key, you will
> get index.gsp with welcome you as an admin, or welcome you as a teacher, or
> welcome you as a student, depending on your credential's role.  The problem
> is that you won't get the index.gsp unless you remove the
> j_spring_security_check and then press the enter.  The same for wrong
> credential.  You won't see the error msg unless you remove the
> j_spring_security_check and press the enter again.
>
> 6. now you completely remove the jquery and mobile js and css from the
> application. Now login works again.
>
> I heard that the grails will have jquery as defult in version 2.0.  So, the
> springSecurityCore plugin has to live together with jquery.  And Jquery
> (mobile) is important to this application, so as springsecurity core
> plugin.  I am sure someone must use the combination of the two together.  I
> need to know if you experience the same problem. If you do, would you please
> share with me how you fix the problem.  If you don't have the problem, would
> you please let me know the version of grails, security plugin, jquery
> mobile...you used.  I seem stuck here.
>
> Thank you very much.
>
> Q
>
>
>
> ________________________________
> From: paolo foletto <[hidden email]>
> To: [hidden email]
> Sent: Saturday, December 3, 2011 3:35 AM
> Subject: Re: [grails-user] springsecurity plugin usage problem still not
> solved
>
> hi, I suggest to change the subject of the request in a more specific way
> related to the combination of springsecurity and mobile.css
> if you put an example of an application to replicate the problem
> may be that can be easier give an hand.
> Paolo
>
> 2011/12/3 Qin Ding <[hidden email]>:
>> I still can't figure out why the springsecurity plugin does not work in my
>> application with jquery mobile.  I created a new project with security
>> plugin only, then it works fine.  After I added Jquery Mobile plugin, then
>> the login does not work any more.
>>
>> Both plugins are important to the application.  Does anyone know how to
>> fix
>> this?
>>
>> Jquery lib is in the layout file.  So, the auth.gsp using this layout.
>>  Now,
>> I remove the meta tag reference the layout in the auth.gsp.  So, in the
>> first index.gsp, which is decorated by the Jquery mobile, I clicked the
>> login,  the auth.gsp is displayed as if it still has the JQuery's css; but
>> when I view the page source, it shows NO Jquery. I have to refresh the
>> auth.gsp page second time before I login, then it works.  I don't know why
>> I
>> have to manually refresh the page twice before it works.
>>
>> If someone knows how to fix this or have some ideas how to fix, please let
>> me know.  I am stuck here.  Thank you.
>>
>> Q
>>
>> ________________________________
>> From: Qin Ding <[hidden email]>
>> To: "[hidden email]" <[hidden email]>
>> Sent: Saturday, November 26, 2011 5:11 PM
>> Subject: Re: [grails-user] springsecurity plugin usage problem
>>
>> Is there a way I can do in order to debug through this?  Simply set a
>> breakpoint on the loginController did not reveal anything. Set the log4j
>> debug on springsecurity generated too much information for me to see
>> anything related to this problem.
>>
>> Q
>>
>> ________________________________
>> From: Burt Beckwith <[hidden email]>
>> To: [hidden email]
>> Sent: Saturday, November 26, 2011 3:36 PM
>> Subject: Re: [grails-user] springsecurity plugin usage problem
>>
>> It's not an action, it's a uri - the value of the "postUrl" attribute is
>> set
>> in LoginController. By default it's "/j_spring_security_check". This is
>> intercepted by Spring Security to process the authentication.
>>
>> Burt
>>
>>> What action is it being mapped to  ? I don't see that...
>>>
>>> - Harjit
>>> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>>>
>>> > I checked that originally it was <form action='${postUrl}'
>>> > method='POST'
>>> > id='loginForm' class='cssform'>...</form>
>>> >
>>> > After I changed to <g:form action='${postUrl}' method='POST'
>>> > id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not
>>> > loaded any
>>> > more "Error loading page". There is no error output in the console,
>>> > though.
>>> > So I don't know what cause the error in loading the page.
>>> >
>>> > I don't manually encode the password.
>>> >
>>> > Q
>>> >
>>> > From: James Zhang <[hidden email]>
>>> > To: [hidden email]
>>> > Sent: Friday, November 25, 2011 9:26 PM
>>> > Subject: RE: [grails-user] springsecurity plugin usage problem
>>> >
>>> > Can you please check in your auth.gsp, are you using g:form or <form> ?
>>> >
>>> > You have to use <g:form> to make it work.
>>> >
>>> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
>>> > > From: [hidden email]
>>> > > To: [hidden email]
>>> > > Subject: Re: [grails-user] springsecurity plugin usage problem
>>> > >
>>> > > Hi,
>>> > >
>>> > > By any chance do you have a mismatch in the password encoding?
>>> > >
>>> > > From
>>> > >
>>> > >
>>> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
>>> > > :
>>> > >
>>> > > "...version 1.2 of the Spring Security Core plugin...the 'user'
>>> > > domain
>>> > > class now handles password encryption, so you no longer need to call
>>> > > springSecurityService.encodePassword() when creating or updating a
>>> > > user
>>> > > - just create it the normal way, e.g. "new User(username: 'me',
>>> > > password: 'secret', enabled: true)" and it will get
>>> > > auto-encrypted...."
>>> > >
>>> > > Also, the last I knew the Spring Security UI plugin had not been
>>> > > updated
>>> > > to align with this change. Which means it will doubly encode the
>>> > > password, when using the UI plugin to create new users.
>>> > >
>>> > > Paul
>>> > >
>>> > >
>>> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
>>> > > > I am using springSecurity plugin. Seems working but there is a
>>> > > > problem I
>>> > > > don't know how to fix it.
>>> > > >
>>> > > > In my config.groovy, I have the following:
>>> > > > grails.plugins.springsecurity.interceptUrlMap = [
>>> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>>> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>>> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT',
>>> > > > 'ROLE_ADMIN'],
>>> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER',
>>> > > > 'ROLE_ADMIN'],
>>> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
>>> > > > ]
>>> > > >
>>> > > > In my UrlMappings.groovy, I have the following:
>>> > > > static mappings = {
>>> > > > "/login/$action?"(controller: "login")
>>> > > > "/logout/$action?"(controller: "logout")
>>> > > > "/$controller/$action?/$id?"{
>>> > > > constraints {
>>> > > > // apply constraints here
>>> > > > }
>>> > > > }
>>> > > > "/"(view:"/index")
>>> > > > "500"(view:'/error')
>>> > > > }
>>> > > > On my welcome page (/index.gsp), I have a link for login. When I
>>> > > > click
>>> > > > the login, the auth.gsp page is shown, I typed an INVALID the
>>> > > > username/password, I got a page with message "undefined", and the
>>> > > > url is
>>> > > > http://localhost:8080/myapplication/j_spring_security_check
>>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>>> > > > the
>>> > > > page, then I got the Sorry, we were not able to find a user with
>>> > > > that
>>> > > > username and password on the auth.gsp.
>>> > > >
>>> > > > Now I typed an VALID username/password, I got the same "undefined"
>>> > > > page
>>> > > > which is
>>> > > > http://localhost:8080/myapplication/j_spring_security_check
>>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>>> > > > this
>>> > > > page, I got the Sorry, we were not able to find a user with that
>>> > > > username and password on the auth.gsp. Remove
>>> > > > /j_spring_security_check
>>> > > > from http://localhost:8080/myapplication, then I logged in without
>>> > > > the
>>> > > > problem.
>>> > > >
>>> > > > What did I do wrong? How can I not get /j_spring_security_check? If
>>> > > > I
>>> > > > have an invalid id/pwd, directly goes to the login page again with
>>> > > > error
>>> > > > message; if I have an Valid id/pwd, let me in.
>>> > > >
>>> > > > By the way, my index.gsp serves two purposes, first present some
>>> > > > general
>>> > > > information and allows the user to login. The second when the user
>>> > > > logged in, there are a menu with different menu items for different
>>> > > > roles. A user with student role will have different menu items than
>>> > > > a
>>> > > > user with teacher role. So when a user login by
>>> > > > localhost:8080/myapplication, the index.gsp is displayed. After the
>>> > > > user
>>> > > > logged in,, the index.gsp is shown again with the proper menu
>>> > > > presented.
>>> > > >
>>> > > > Thank you
>>> > > >
>>> > > > Q
>>> > > >
>>> > > >
>>> > > >
>>> > >
>>> > > ---------------------------------------------------------------------
>>> > > To unsubscribe from this list, please visit:
>>> > >
>>> > > http://xircles.codehaus.org/manage_email
>>> > >
>>> > >
>>> >
>>> >
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>     http://xircles.codehaus.org/manage_email
>>
>>
>>
>>
>>
>>
>
>
>
> --
> Studio Ingegneria dell'Informazione
> via Marconi,1 35040 Carceri (PD)
> cell 335 615 23 53
> http://it.linkedin.com/in/paolofoletto
> Posta Elettronica Certificata paolo.foletto[at]ingpec.eu
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>     http://xircles.codehaus.org/manage_email
>
>
>
>


--
Studio Ingegneria dell'Informazione
via Marconi,1 35040 Carceri (PD)
cell 335 615 23 53
http://it.linkedin.com/in/paolofoletto
Posta Elettronica Certificata paolo.foletto[at]ingpec.eu


---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email

JQueryMobile02.zip (252K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem of combination of Springsecurity and JQuery,Mobile

Qin Ding
Paolo:

I tried to send you the app but was not delivered due to the size.  Do you  have another address that I can send you my application.  This is the app with only the necessary plugins to show the problem.

Q


From: paolo foletto <[hidden email]>
To: [hidden email]
Sent: Sunday, December 4, 2011 2:47 AM
Subject: Re: [grails-user] Problem of combination of Springsecurity and JQuery,Mobile

please, can you send an application to replicate your situation?
I create an application
Grails 1.3.7
spring-security-core-1.2.6
jquery 1.7
jquery-mobile 1.0.3

I add in the bootstrap 3 roles
I create an Home controller and the application works after
installing the plugin jquery
I confirm that Grails 2.0.0 is using jquery and jquery-mobile as default
Paolo

2011/12/3 Qin Ding <[hidden email]>:

> Grails 1.3.7
> spring-security-core-1.2.4:
> jquery:-1.6.1.1
> jquery-mobile-1.0
>
> I have problems using both springsecurity plugin and Jquery plugin
> together.  The problems is that I will get the "undefined page" with
> "j_spring_security_check" in the input box, no matter whether you present
> the correct credentials or not.  You then have to manually remove the
> "j_spring_security_check" from the input before you will get the targeted
> page or error message depending whether you the credential is correct.
>
> To reproduce the problem, this is what you do:
>
> 1. create a brand new grails project and config the database;
> 2. install the spring security core plugin;  and you verify that everything
> should work.  If you type in the wrong credential, you see the error message
> in auth.gsp. If you have the right credential, you should see the next
> page.  Also I verified that the login user's role, it is all good.
> 3.  Now you install the Jquery plugin.  In my main.gsp in layout folder, I
> have the following:
> <title><g:layoutTitle default="app.title" /></title>
>         <meta name="viewport" content="width=device-width, initial-scale=1">
>         <link rel="stylesheet" type="text/css"
> href="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.css" />
>         <link rel="stylesheet" type="text/css"
> href="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.css"
> />
>         <link rel="stylesheet" href="${resource(dir:'css',file:'main.css')}"
> type="text/css" media="all"/>
>         <script type="text/javascript"
> src="http://code.jquery.com/jquery-1.6.4.min.js"></script>
>         <script type="text/javascript"
> src="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.js"></script>
>
>         <script type="text/javascript"
> src="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.js"></script>
>         <script type="text/javascript"
> src="http://dev.jtsage.com/cdn/datebox/i8n/jquery.mobile.datebox.i8n.en.js"></script>
>         <link rel="shortcut icon"
> href="${resource(dir:'images',file:'favicon.ico')}" type="image/x-icon" />
>
> 4.  In my index.gsp:
>     <head>
>         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
> />
>         <meta name="layout" content="main" />
>     </head>
>     <body>
>
>         <div data-role="page" data-title="Home">
>             <div data-role="header" data-nobackbtn="true"
> data-position="fixed" data-inset="true" data-theme="b">
>                 <sec:ifLoggedIn>
>                     <h1><sec:loggedInUserInfo
> field="fullName"></sec:loggedInUserInfo></h1>
>                      <g:link controller="logout" data-icon="minus"
> class="ui-btn-right"><g:message code="signout"/></g:link>
>                   </sec:ifLoggedIn>
>                 <sec:ifNotLoggedIn>
>                     <h1><g:message code="default.home.label" /></h1>
>                     <g:link controller="login" action="auth"
> data-icon="check" class="ui-btn-right">
>                         <g:message code="login" />
>                     </g:link>
>                 </sec:ifNotLoggedIn>
>             </div>
>
>             <div data-role="content">
>                 <sec:ifNotLoggedIn>
>                     <h1>Welcome</h1>
>                     <p>Welcome</p>
>                 </sec:ifNotLoggedIn>
>                 <sec:ifAllGranted roles="ROLE_ADMIN">
>                     <p>Welcome you as an admin.</p>
>                 </sec:ifAllGranted>
>
>                 <sec:ifAllGranted roles="ROLE_TEACHER">
>                     <p>Welcome you as a teacher.</p>
>                 </sec:ifAllGranted>
>
>                 <sec:ifAllGranted roles="ROLE_STUDENT">
>                     <p>Welcome you as a student.</p>
>                 </sec:ifAllGranted>
>             </div>
>         </div>
> 5. In my Urlmappings.groovy:
>     static mappings = {
>         "/login/$action?"(controller: "login")
>         "/logout/$action?"(controller: "logout")
>         "/$controller/$action?/$id?"{
>             constraints {
>                 // apply constraints here
>             }
>         }
>
>         "/"(view:"/index")
>         "500"(view:'/error')
>     }
>
> 6. in my Config.groovy:
> grails.plugins.springsecurity.interceptUrlMap = [
>     '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_TEACHER',
> 'ROLE_ADMIN'],
>     '/student/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_STUDENT',
> 'ROLE_TEACHER', 'ROLE_ADMIN'],
>     '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
> ]
>
> 7.  run the application. You will see Welcome and a button for login.  Click
> the button, you're challenged with auth.gsp.  Now, type in the right
> credential, you will get a page with word "undefined". In the url input you
> see "http://localhost:8080/myapp/j_spring_security_check". Now, you manually
> remove the j_spring_security_check, and then press the enter key, you will
> get index.gsp with welcome you as an admin, or welcome you as a teacher, or
> welcome you as a student, depending on your credential's role.  The problem
> is that you won't get the index.gsp unless you remove the
> j_spring_security_check and then press the enter.  The same for wrong
> credential.  You won't see the error msg unless you remove the
> j_spring_security_check and press the enter again.
>
> 6. now you completely remove the jquery and mobile js and css from the
> application. Now login works again.
>
> I heard that the grails will have jquery as defult in version 2.0.  So, the
> springSecurityCore plugin has to live together with jquery.  And Jquery
> (mobile) is important to this application, so as springsecurity core
> plugin.  I am sure someone must use the combination of the two together.  I
> need to know if you experience the same problem. If you do, would you please
> share with me how you fix the problem.  If you don't have the problem, would
> you please let me know the version of grails, security plugin, jquery
> mobile...you used.  I seem stuck here.
>
> Thank you very much.
>
> Q
>
>
>
> ________________________________
> From: paolo foletto <[hidden email]>
> To: [hidden email]
> Sent: Saturday, December 3, 2011 3:35 AM
> Subject: Re: [grails-user] springsecurity plugin usage problem still not
> solved
>
> hi, I suggest to change the subject of the request in a more specific way
> related to the combination of springsecurity and mobile.css
> if you put an example of an application to replicate the problem
> may be that can be easier give an hand.
> Paolo
>
> 2011/12/3 Qin Ding <[hidden email]>:
>> I still can't figure out why the springsecurity plugin does not work in my
>> application with jquery mobile.  I created a new project with security
>> plugin only, then it works fine.  After I added Jquery Mobile plugin, then
>> the login does not work any more.
>>
>> Both plugins are important to the application.  Does anyone know how to
>> fix
>> this?
>>
>> Jquery lib is in the layout file.  So, the auth.gsp using this layout.
>>  Now,
>> I remove the meta tag reference the layout in the auth.gsp.  So, in the
>> first index.gsp, which is decorated by the Jquery mobile, I clicked the
>> login,  the auth.gsp is displayed as if it still has the JQuery's css; but
>> when I view the page source, it shows NO Jquery. I have to refresh the
>> auth.gsp page second time before I login, then it works.  I don't know why
>> I
>> have to manually refresh the page twice before it works.
>>
>> If someone knows how to fix this or have some ideas how to fix, please let
>> me know.  I am stuck here.  Thank you.
>>
>> Q
>>
>> ________________________________
>> From: Qin Ding <[hidden email]>
>> To: "[hidden email]" <[hidden email]>
>> Sent: Saturday, November 26, 2011 5:11 PM
>> Subject: Re: [grails-user] springsecurity plugin usage problem
>>
>> Is there a way I can do in order to debug through this?  Simply set a
>> breakpoint on the loginController did not reveal anything. Set the log4j
>> debug on springsecurity generated too much information for me to see
>> anything related to this problem.
>>
>> Q
>>
>> ________________________________
>> From: Burt Beckwith <[hidden email]>
>> To: [hidden email]
>> Sent: Saturday, November 26, 2011 3:36 PM
>> Subject: Re: [grails-user] springsecurity plugin usage problem
>>
>> It's not an action, it's a uri - the value of the "postUrl" attribute is
>> set
>> in LoginController. By default it's "/j_spring_security_check". This is
>> intercepted by Spring Security to process the authentication.
>>
>> Burt
>>
>>> What action is it being mapped to  ? I don't see that...
>>>
>>> - Harjit
>>> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>>>
>>> > I checked that originally it was <form action='${postUrl}'
>>> > method='POST'
>>> > id='loginForm' class='cssform'>...</form>
>>> >
>>> > After I changed to <g:form action='${postUrl}' method='POST'
>>> > id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not
>>> > loaded any
>>> > more "Error loading page". There is no error output in the console,
>>> > though.
>>> > So I don't know what cause the error in loading the page.
>>> >
>>> > I don't manually encode the password.
>>> >
>>> > Q
>>> >
>>> > From: James Zhang <[hidden email]>
>>> > To: [hidden email]
>>> > Sent: Friday, November 25, 2011 9:26 PM
>>> > Subject: RE: [grails-user] springsecurity plugin usage problem
>>> >
>>> > Can you please check in your auth.gsp, are you using g:form or <form> ?
>>> >
>>> > You have to use <g:form> to make it work.
>>> >
>>> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
>>> > > From: [hidden email]
>>> > > To: [hidden email]
>>> > > Subject: Re: [grails-user] springsecurity plugin usage problem
>>> > >
>>> > > Hi,
>>> > >
>>> > > By any chance do you have a mismatch in the password encoding?
>>> > >
>>> > > From
>>> > >
>>> > >
>>> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
>>> > > :
>>> > >
>>> > > "...version 1.2 of the Spring Security Core plugin...the 'user'
>>> > > domain
>>> > > class now handles password encryption, so you no longer need to call
>>> > > springSecurityService.encodePassword() when creating or updating a
>>> > > user
>>> > > - just create it the normal way, e.g. "new User(username: 'me',
>>> > > password: 'secret', enabled: true)" and it will get
>>> > > auto-encrypted...."
>>> > >
>>> > > Also, the last I knew the Spring Security UI plugin had not been
>>> > > updated
>>> > > to align with this change. Which means it will doubly encode the
>>> > > password, when using the UI plugin to create new users.
>>> > >
>>> > > Paul
>>> > >
>>> > >
>>> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
>>> > > > I am using springSecurity plugin. Seems working but there is a
>>> > > > problem I
>>> > > > don't know how to fix it.
>>> > > >
>>> > > > In my config.groovy, I have the following:
>>> > > > grails.plugins.springsecurity.interceptUrlMap = [
>>> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>>> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>>> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT',
>>> > > > 'ROLE_ADMIN'],
>>> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER',
>>> > > > 'ROLE_ADMIN'],
>>> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
>>> > > > ]
>>> > > >
>>> > > > In my UrlMappings.groovy, I have the following:
>>> > > > static mappings = {
>>> > > > "/login/$action?"(controller: "login")
>>> > > > "/logout/$action?"(controller: "logout")
>>> > > > "/$controller/$action?/$id?"{
>>> > > > constraints {
>>> > > > // apply constraints here
>>> > > > }
>>> > > > }
>>> > > > "/"(view:"/index")
>>> > > > "500"(view:'/error')
>>> > > > }
>>> > > > On my welcome page (/index.gsp), I have a link for login. When I
>>> > > > click
>>> > > > the login, the auth.gsp page is shown, I typed an INVALID the
>>> > > > username/password, I got a page with message "undefined", and the
>>> > > > url is
>>> > > > http://localhost:8080/myapplication/j_spring_security_check
>>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>>> > > > the
>>> > > > page, then I got the Sorry, we were not able to find a user with
>>> > > > that
>>> > > > username and password on the auth.gsp.
>>> > > >
>>> > > > Now I typed an VALID username/password, I got the same "undefined"
>>> > > > page
>>> > > > which is
>>> > > > http://localhost:8080/myapplication/j_spring_security_check
>>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>>> > > > this
>>> > > > page, I got the Sorry, we were not able to find a user with that
>>> > > > username and password on the auth.gsp. Remove
>>> > > > /j_spring_security_check
>>> > > > from http://localhost:8080/myapplication, then I logged in without
>>> > > > the
>>> > > > problem.
>>> > > >
>>> > > > What did I do wrong? How can I not get /j_spring_security_check? If
>>> > > > I
>>> > > > have an invalid id/pwd, directly goes to the login page again with
>>> > > > error
>>> > > > message; if I have an Valid id/pwd, let me in.
>>> > > >
>>> > > > By the way, my index.gsp serves two purposes, first present some
>>> > > > general
>>> > > > information and allows the user to login. The second when the user
>>> > > > logged in, there are a menu with different menu items for different
>>> > > > roles. A user with student role will have different menu items than
>>> > > > a
>>> > > > user with teacher role. So when a user login by
>>> > > > localhost:8080/myapplication, the index.gsp is displayed. After the
>>> > > > user
>>> > > > logged in,, the index.gsp is shown again with the proper menu
>>> > > > presented.
>>> > > >
>>> > > > Thank you
>>> > > >
>>> > > > Q
>>> > > >
>>> > > >
>>> > > >
>>> > >
>>> > > ---------------------------------------------------------------------
>>> > > To unsubscribe from this list, please visit:
>>> > >
>>> > > http://xircles.codehaus.org/manage_email
>>> > >
>>> > >
>>> >
>>> >
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>     http://xircles.codehaus.org/manage_email
>>
>>
>>
>>
>>
>>
>
>
>
> --
> Studio Ingegneria dell'Informazione
> via Marconi,1 35040 Carceri (PD)
> cell 335 615 23 53
> http://it.linkedin.com/in/paolofoletto
> Posta Elettronica Certificata paolo.foletto[at]ingpec.eu
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>     http://xircles.codehaus.org/manage_email
>
>
>
>



--
Studio Ingegneria dell'Informazione
via Marconi,1 35040 Carceri (PD)
cell 335 615 23 53
http://it.linkedin.com/in/paolofoletto
Posta Elettronica Certificata paolo.foletto[at]ingpec.eu


---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem of combination of Springsecurity and JQuery,Mobile

paolo.foletto
Qin:
Have you tried to update the plugins?

try to send using yousendit or the function for big files of yahoo email,
try to send pfoletto[at]yahoo.it
Paolo

2011/12/4 Qin Ding <[hidden email]>:

> Paolo:
>
> I tried to send you the app but was not delivered due to the size.  Do you
>  have another address that I can send you my application.  This is the app
> with only the necessary plugins to show the problem.
>
> Q
>
> ________________________________
> From: paolo foletto <[hidden email]>
> To: [hidden email]
> Sent: Sunday, December 4, 2011 2:47 AM
> Subject: Re: [grails-user] Problem of combination of Springsecurity and
> JQuery,Mobile
>
> please, can you send an application to replicate your situation?
> I create an application
> Grails 1.3.7
> spring-security-core-1.2.6
> jquery 1.7
> jquery-mobile 1.0.3
>
> I add in the bootstrap 3 roles
> I create an Home controller and the application works after
> installing the plugin jquery
> I confirm that Grails 2.0.0 is using jquery and jquery-mobile as default
> Paolo
>
> 2011/12/3 Qin Ding <[hidden email]>:
>> Grails 1.3.7
>> spring-security-core-1.2.4:
>> jquery:-1.6.1.1
>> jquery-mobile-1.0
>>
>> I have problems using both springsecurity plugin and Jquery plugin
>> together.  The problems is that I will get the "undefined page" with
>> "j_spring_security_check" in the input box, no matter whether you present
>> the correct credentials or not.  You then have to manually remove the
>> "j_spring_security_check" from the input before you will get the targeted
>> page or error message depending whether you the credential is correct.
>>
>> To reproduce the problem, this is what you do:
>>
>> 1. create a brand new grails project and config the database;
>> 2. install the spring security core plugin;  and you verify that
>> everything
>> should work.  If you type in the wrong credential, you see the error
>> message
>> in auth.gsp. If you have the right credential, you should see the next
>> page.  Also I verified that the login user's role, it is all good.
>> 3.  Now you install the Jquery plugin.  In my main.gsp in layout folder, I
>> have the following:
>> <title><g:layoutTitle default="app.title" /></title>
>>         <meta name="viewport" content="width=device-width,
>> initial-scale=1">
>>         <link rel="stylesheet" type="text/css"
>> href="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.css" />
>>         <link rel="stylesheet" type="text/css"
>>
>> href="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.css"
>> />
>>         <link rel="stylesheet"
>> href="${resource(dir:'css',file:'main.css')}"
>> type="text/css" media="all"/>
>>         <script type="text/javascript"
>> src="http://code.jquery.com/jquery-1.6.4.min.js"></script>
>>         <script type="text/javascript"
>> src="http://code.jquery.com/mobile/1.0/jquery.mobile-1.0.min.js"></script>
>>
>>         <script type="text/javascript"
>>
>> src="http://dev.jtsage.com/cdn/datebox/latest/jquery.mobile.datebox.min.js"></script>
>>         <script type="text/javascript"
>>
>> src="http://dev.jtsage.com/cdn/datebox/i8n/jquery.mobile.datebox.i8n.en.js"></script>
>>         <link rel="shortcut icon"
>> href="${resource(dir:'images',file:'favicon.ico')}" type="image/x-icon" />
>>
>> 4.  In my index.gsp:
>>     <head>
>>         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"
>> />
>>         <meta name="layout" content="main" />
>>     </head>
>>     <body>
>>
>>         <div data-role="page" data-title="Home">
>>             <div data-role="header" data-nobackbtn="true"
>> data-position="fixed" data-inset="true" data-theme="b">
>>                 <sec:ifLoggedIn>
>>                     <h1><sec:loggedInUserInfo
>> field="fullName"></sec:loggedInUserInfo></h1>
>>                      <g:link controller="logout" data-icon="minus"
>> class="ui-btn-right"><g:message code="signout"/></g:link>
>>                   </sec:ifLoggedIn>
>>                 <sec:ifNotLoggedIn>
>>                     <h1><g:message code="default.home.label" /></h1>
>>                     <g:link controller="login" action="auth"
>> data-icon="check" class="ui-btn-right">
>>                         <g:message code="login" />
>>                     </g:link>
>>                 </sec:ifNotLoggedIn>
>>             </div>
>>
>>             <div data-role="content">
>>                 <sec:ifNotLoggedIn>
>>                     <h1>Welcome</h1>
>>                     <p>Welcome</p>
>>                 </sec:ifNotLoggedIn>
>>                 <sec:ifAllGranted roles="ROLE_ADMIN">
>>                     <p>Welcome you as an admin.</p>
>>                 </sec:ifAllGranted>
>>
>>                 <sec:ifAllGranted roles="ROLE_TEACHER">
>>                     <p>Welcome you as a teacher.</p>
>>                 </sec:ifAllGranted>
>>
>>                 <sec:ifAllGranted roles="ROLE_STUDENT">
>>                     <p>Welcome you as a student.</p>
>>                 </sec:ifAllGranted>
>>             </div>
>>         </div>
>> 5. In my Urlmappings.groovy:
>>     static mappings = {
>>         "/login/$action?"(controller: "login")
>>         "/logout/$action?"(controller: "logout")
>>         "/$controller/$action?/$id?"{
>>             constraints {
>>                 // apply constraints here
>>             }
>>         }
>>
>>         "/"(view:"/index")
>>         "500"(view:'/error')
>>     }
>>
>> 6. in my Config.groovy:
>> grails.plugins.springsecurity.interceptUrlMap = [
>>     '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_TEACHER',
>> 'ROLE_ADMIN'],
>>     '/student/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_STUDENT',
>> 'ROLE_TEACHER', 'ROLE_ADMIN'],
>>     '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
>> ]
>>
>> 7.  run the application. You will see Welcome and a button for login.
>> Click
>> the button, you're challenged with auth.gsp.  Now, type in the right
>> credential, you will get a page with word "undefined". In the url input
>> you
>> see "http://localhost:8080/myapp/j_spring_security_check". Now, you
>> manually
>> remove the j_spring_security_check, and then press the enter key, you will
>> get index.gsp with welcome you as an admin, or welcome you as a teacher,
>> or
>> welcome you as a student, depending on your credential's role.  The
>> problem
>> is that you won't get the index.gsp unless you remove the
>> j_spring_security_check and then press the enter.  The same for wrong
>> credential.  You won't see the error msg unless you remove the
>> j_spring_security_check and press the enter again.
>>
>> 6. now you completely remove the jquery and mobile js and css from the
>> application. Now login works again.
>>
>> I heard that the grails will have jquery as defult in version 2.0.  So,
>> the
>> springSecurityCore plugin has to live together with jquery.  And Jquery
>> (mobile) is important to this application, so as springsecurity core
>> plugin.  I am sure someone must use the combination of the two together.
>> I
>> need to know if you experience the same problem. If you do, would you
>> please
>> share with me how you fix the problem.  If you don't have the problem,
>> would
>> you please let me know the version of grails, security plugin, jquery
>> mobile...you used.  I seem stuck here.
>>
>> Thank you very much.
>>
>> Q
>>
>>
>>
>> ________________________________
>> From: paolo foletto <[hidden email]>
>> To: [hidden email]
>> Sent: Saturday, December 3, 2011 3:35 AM
>> Subject: Re: [grails-user] springsecurity plugin usage problem still not
>> solved
>>
>> hi, I suggest to change the subject of the request in a more specific way
>> related to the combination of springsecurity and mobile.css
>> if you put an example of an application to replicate the problem
>> may be that can be easier give an hand.
>> Paolo
>>
>> 2011/12/3 Qin Ding <[hidden email]>:
>>> I still can't figure out why the springsecurity plugin does not work in
>>> my
>>> application with jquery mobile.  I created a new project with security
>>> plugin only, then it works fine.  After I added Jquery Mobile plugin,
>>> then
>>> the login does not work any more.
>>>
>>> Both plugins are important to the application.  Does anyone know how to
>>> fix
>>> this?
>>>
>>> Jquery lib is in the layout file.  So, the auth.gsp using this layout.
>>>  Now,
>>> I remove the meta tag reference the layout in the auth.gsp.  So, in the
>>> first index.gsp, which is decorated by the Jquery mobile, I clicked the
>>> login,  the auth.gsp is displayed as if it still has the JQuery's css;
>>> but
>>> when I view the page source, it shows NO Jquery. I have to refresh the
>>> auth.gsp page second time before I login, then it works.  I don't know
>>> why
>>> I
>>> have to manually refresh the page twice before it works.
>>>
>>> If someone knows how to fix this or have some ideas how to fix, please
>>> let
>>> me know.  I am stuck here.  Thank you.
>>>
>>> Q
>>>
>>> ________________________________
>>> From: Qin Ding <[hidden email]>
>>> To: "[hidden email]" <[hidden email]>
>>> Sent: Saturday, November 26, 2011 5:11 PM
>>> Subject: Re: [grails-user] springsecurity plugin usage problem
>>>
>>> Is there a way I can do in order to debug through this?  Simply set a
>>> breakpoint on the loginController did not reveal anything. Set the log4j
>>> debug on springsecurity generated too much information for me to see
>>> anything related to this problem.
>>>
>>> Q
>>>
>>> ________________________________
>>> From: Burt Beckwith <[hidden email]>
>>> To: [hidden email]
>>> Sent: Saturday, November 26, 2011 3:36 PM
>>> Subject: Re: [grails-user] springsecurity plugin usage problem
>>>
>>> It's not an action, it's a uri - the value of the "postUrl" attribute is
>>> set
>>> in LoginController. By default it's "/j_spring_security_check". This is
>>> intercepted by Spring Security to process the authentication.
>>>
>>> Burt
>>>
>>>> What action is it being mapped to  ? I don't see that...
>>>>
>>>> - Harjit
>>>> On Nov 25, 2011, at 11:31 PM, Qin Ding wrote:
>>>>
>>>> > I checked that originally it was <form action='${postUrl}'
>>>> > method='POST'
>>>> > id='loginForm' class='cssform'>...</form>
>>>> >
>>>> > After I changed to <g:form action='${postUrl}' method='POST'
>>>> > id='loginForm' class='cssform'>...</g:form>,  the auth.gsp is not
>>>> > loaded any
>>>> > more "Error loading page". There is no error output in the console,
>>>> > though.
>>>> > So I don't know what cause the error in loading the page.
>>>> >
>>>> > I don't manually encode the password.
>>>> >
>>>> > Q
>>>> >
>>>> > From: James Zhang <[hidden email]>
>>>> > To: [hidden email]
>>>> > Sent: Friday, November 25, 2011 9:26 PM
>>>> > Subject: RE: [grails-user] springsecurity plugin usage problem
>>>> >
>>>> > Can you please check in your auth.gsp, are you using g:form or <form>
>>>> > ?
>>>> >
>>>> > You have to use <g:form> to make it work.
>>>> >
>>>> > > Date: Fri, 25 Nov 2011 20:30:47 -0500
>>>> > > From: [hidden email]
>>>> > > To: [hidden email]
>>>> > > Subject: Re: [grails-user] springsecurity plugin usage problem
>>>> > >
>>>> > > Hi,
>>>> > >
>>>> > > By any chance do you have a mismatch in the password encoding?
>>>> > >
>>>> > > From
>>>> > >
>>>> > >
>>>> > >
>>>> > > <http://grails.1312388.n4.nabble.com/ANN-Spring-Security-Core-Plugin-1-2-released-td3708266.html>
>>>> > > :
>>>> > >
>>>> > > "...version 1.2 of the Spring Security Core plugin...the 'user'
>>>> > > domain
>>>> > > class now handles password encryption, so you no longer need to call
>>>> > > springSecurityService.encodePassword() when creating or updating a
>>>> > > user
>>>> > > - just create it the normal way, e.g. "new User(username: 'me',
>>>> > > password: 'secret', enabled: true)" and it will get
>>>> > > auto-encrypted...."
>>>> > >
>>>> > > Also, the last I knew the Spring Security UI plugin had not been
>>>> > > updated
>>>> > > to align with this change. Which means it will doubly encode the
>>>> > > password, when using the UI plugin to create new users.
>>>> > >
>>>> > > Paul
>>>> > >
>>>> > >
>>>> > > On 11/25/2011 7:33 PM, Qin Ding wrote:
>>>> > > > I am using springSecurity plugin. Seems working but there is a
>>>> > > > problem I
>>>> > > > don't know how to fix it.
>>>> > > >
>>>> > > > In my config.groovy, I have the following:
>>>> > > > grails.plugins.springsecurity.interceptUrlMap = [
>>>> > > > '/abc/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>>>> > > > '/xyz/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_ADMIN'],
>>>> > > > '/student/*': ['IS_AUTHENTICATED_REMEMBERED', 'ROLE_STUDENT',
>>>> > > > 'ROLE_ADMIN'],
>>>> > > > '/teacher/*': ['IS_AUTHENTICATED_REMEMBERED','ROLE_TEACHER',
>>>> > > > 'ROLE_ADMIN'],
>>>> > > > '/.**': ['IS_AUTHENTICATED_ANONYMOUSLY']
>>>> > > > ]
>>>> > > >
>>>> > > > In my UrlMappings.groovy, I have the following:
>>>> > > > static mappings = {
>>>> > > > "/login/$action?"(controller: "login")
>>>> > > > "/logout/$action?"(controller: "logout")
>>>> > > > "/$controller/$action?/$id?"{
>>>> > > > constraints {
>>>> > > > // apply constraints here
>>>> > > > }
>>>> > > > }
>>>> > > > "/"(view:"/index")
>>>> > > > "500"(view:'/error')
>>>> > > > }
>>>> > > > On my welcome page (/index.gsp), I have a link for login. When I
>>>> > > > click
>>>> > > > the login, the auth.gsp page is shown, I typed an INVALID the
>>>> > > > username/password, I got a page with message "undefined", and the
>>>> > > > url is
>>>> > > > http://localhost:8080/myapplication/j_spring_security_check
>>>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>>>> > > > the
>>>> > > > page, then I got the Sorry, we were not able to find a user with
>>>> > > > that
>>>> > > > username and password on the auth.gsp.
>>>> > > >
>>>> > > > Now I typed an VALID username/password, I got the same "undefined"
>>>> > > > page
>>>> > > > which is
>>>> > > > http://localhost:8080/myapplication/j_spring_security_check
>>>> > > > <http://localhost:8080/m.exerpal/j_spring_security_check>. Refresh
>>>> > > > this
>>>> > > > page, I got the Sorry, we were not able to find a user with that
>>>> > > > username and password on the auth.gsp. Remove
>>>> > > > /j_spring_security_check
>>>> > > > from http://localhost:8080/myapplication, then I logged in without
>>>> > > > the
>>>> > > > problem.
>>>> > > >
>>>> > > > What did I do wrong? How can I not get /j_spring_security_check?
>>>> > > > If
>>>> > > > I
>>>> > > > have an invalid id/pwd, directly goes to the login page again with
>>>> > > > error
>>>> > > > message; if I have an Valid id/pwd, let me in.
>>>> > > >
>>>> > > > By the way, my index.gsp serves two purposes, first present some
>>>> > > > general
>>>> > > > information and allows the user to login. The second when the user
>>>> > > > logged in, there are a menu with different menu items for
>>>> > > > different
>>>> > > > roles. A user with student role will have different menu items
>>>> > > > than
>>>> > > > a
>>>> > > > user with teacher role. So when a user login by
>>>> > > > localhost:8080/myapplication, the index.gsp is displayed. After
>>>> > > > the
>>>> > > > user
>>>> > > > logged in,, the index.gsp is shown again with the proper menu
>>>> > > > presented.
>>>> > > >
>>>> > > > Thank you
>>>> > > >
>>>> > > > Q
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > >
>>>> > >
>>>> > > ---------------------------------------------------------------------
>>>> > > To unsubscribe from this list, please visit:
>>>> > >
>>>> > > http://xircles.codehaus.org/manage_email
>>>> > >
>>>> > >
>>>> >
>>>> >
>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this list, please visit:
>>>
>>>     http://xircles.codehaus.org/manage_email
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>> --
>> Studio Ingegneria dell'Informazione
>> via Marconi,1 35040 Carceri (PD)
>> cell 335 615 23 53
>> http://it.linkedin.com/in/paolofoletto
>> Posta Elettronica Certificata paolo.foletto[at]ingpec.eu
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>     http://xircles.codehaus.org/manage_email
>>
>>
>>
>>
>
>
>
> --
> Studio Ingegneria dell'Informazione
> via Marconi,1 35040 Carceri (PD)
> cell 335 615 23 53
> http://it.linkedin.com/in/paolofoletto
> Posta Elettronica Certificata paolo.foletto[at]ingpec.eu
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>     http://xircles.codehaus.org/manage_email
>
>



--
Studio Ingegneria dell'Informazione
via Marconi,1 35040 Carceri (PD)
cell 335 615 23 53
http://it.linkedin.com/in/paolofoletto
Posta Elettronica Certificata paolo.foletto[at]ingpec.eu

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Loading...