Skip to content

Commit

Permalink
before week 9
Browse files Browse the repository at this point in the history
  • Loading branch information
Dierk Koenig committed Nov 14, 2023
1 parent 74d5be9 commit 4792448
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 0 deletions.
42 changes: 42 additions & 0 deletions docs/week09/README-security.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
# WebEngineering Module, Spring Security

## Goals

### Abilities
Being able to identify the user and set up basic security.
Run tests with security enabled.

### Knowledge
Knowing the very basics of role-based security for web applications, incl.
- Annotation based
- url pattern based (config)
- url pattern based (from DB)

## Recommended Reading
https://grails.github.io/grails-spring-security-core/5.3.x/index.html#requestMappings

Steps to follow:
see the "security" branch and follow the commits

## Notes

Better not use "User" as a domain class or db table name.
That clashes with some DBMS e.g. Postgres.

## Steps that have been taken to set up the security

follow the steps of the security branch, which includes
- add to build gradle:
implementation 'org.grails.plugins:spring-security-core:5.3.0' // added to include security
- grailsw compile
- grailsw s2-quickstart rooms SecUser SecRole
- adapt the bootstrap
- add login/logout facility
- adapt the test cases
- adapt the security settings in conf/application.groovy

- Optional:
- beautify the login view
- set up reference from SecUser to Person
- display bookings for a logged in, regular user
see https://grails.github.io/grails-spring-security-core/5.3.x/index.html#controllerMethods
Binary file added docs/week09/Security.pdf
Binary file not shown.

0 comments on commit 4792448

Please sign in to comment.