#The final mile: Upgrade to Grails 2.4.3 and use Spring Security REST plugin

After I wrote down this series of 'Building RESTful application with Grails and AngularJS', I have received some feedback from my blogspot comments and mail. I decide to update this sample to the latest Grails and use the Spring Security REST plugin instead of my customized solution, which is more powerful and flexible.

Upgrade to Grails 2.4.3

1. Update the version to 2.4.3, which is the newest when I wrote this. You can modify the value in application.properties directly or using grails command to do this work.

   grails set-grails-version 2.4.3

2. Please read the section of the official reference document to update dependencies. Note: the upgrade command is removed in Grails 2.4, this manual approach is the only way to upgrade to the latest 2.4.x.

3. Make sure all thing are done well. Run the app via command line.

   grails run-app

If there is no exception or error info in the console, you have upgraded your application successfully. Congratulations!

Configure Spring Security REST Plugin

Spring Security REST plugin is an extension of Spring Security plugin which provides some flexible options for REST API protection.

1. Open BuildConfig.groovy file, and ddd Spring Security REST Plugin in the plugins section.

   <pre> compile ":spring-security-rest:1.4.0", { excludes: 'spring-security-core' } </pre>

2. Add the basic configuration in the Config.groovy file.

   <pre> //Config for Spring Security REST plugin //login grails.plugin.springsecurity.rest.login.active=true grails.plugin.springsecurity.rest.login.endpointUrl="/api/login" grails.plugin.springsecurity.rest.login.failureStatusCode=401 grails.plugin.springsecurity.rest.login.useJsonCredentials=true grails.plugin.springsecurity.rest.login.usernamePropertyName='username' grails.plugin.springsecurity.rest.login.passwordPropertyName='password' //logout grails.plugin.springsecurity.rest.logout.endpointUrl='/api/logout' //token generation grails.plugin.springsecurity.rest.token.generation.useSecureRandom=true grails.plugin.springsecurity.rest.token.generation.useUUID=false //token storage // use memcached. //grails.plugin.springsecurity.rest.token.storage.useMemcached false //grails.plugin.springsecurity.rest.token.storage.memcached.hosts localhost:11211 //grails.plugin.springsecurity.rest.token.storage.memcached.username '' //grails.plugin.springsecurity.rest.token.storage.memcached.password '' //grails.plugin.springsecurity.rest.token.storage.memcached.expiration 3600 //use GROM //grails.plugin.springsecurity.rest.token.storage.useGorm false //grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName null //grails.plugin.springsecurity.rest.token.storage.gorm.tokenValuePropertyName tokenValue //grails.plugin.springsecurity.rest.token.storage.gorm.usernamePropertyName username //class AuthenticationToken { // // String tokenValue // String username //} //use cache as storage grails.plugin.springsecurity.rest.token.storage.useGrailsCache=true grails.plugin.springsecurity.rest.token.storage.grailsCacheName='xauth-token' //token rendering grails.plugin.springsecurity.rest.token.rendering.usernamePropertyName='username' grails.plugin.springsecurity.rest.token.rendering.authoritiesPropertyName='roles' grails.plugin.springsecurity.rest.token.rendering.tokenPropertyName='token' //token validate grails.plugin.springsecurity.rest.token.validation.useBearerToken = true //if disable 'Bearer', you can configure a custom header. //grails.plugin.springsecurity.rest.token.validation.useBearerToken = false //grails.plugin.springsecurity.rest.token.rendering.tokenPropertyName access_token //grails.plugin.springsecurity.rest.token.validation.headerName = 'x-auth-token' grails.plugin.springsecurity.rest.token.validation.active=true grails.plugin.springsecurity.rest.token.validation.endpointUrl='/api/validate' grails{ plugin{ springsecurity{ filterChain{ chainMap = [ '/api/guest/**': 'anonymousAuthenticationFilter,restTokenValidationFilter,restExceptionTranslationFilter,filterInvocationInterceptor', '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter', // Stateless chain '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter' // Traditional chain ] } rest { token { validation { enableAnonymousAccess = true } } } } } } </pre>

More details for the configuration, please read the .

Configure CORS

By default there is a CORS plugin included as a dependency of Spring security REST Plugin.

Of course, you can declare it in BuildConfig.groovy file explicitly.

<pre> runtime ":cors:1.1.6" </pre>

Add the following configuration in Config.groovy file.

<pre> //cors config. cors.enabled=true cors.url.pattern = '/api/*' cors.headers=[ 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Credentials': true, 'Access-Control-Allow-Headers': 'origin, authorization, accept, content-type, x-requested-with', 'Access-Control-Allow-Methods': 'GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS', 'Access-Control-Max-Age': 3600 ] </pre>

Update frontend codes

Due to the modification of the backend codes, you could have to change the authentication in the frontend codes.

Change the login code fragment in the app.js file.

<pre> $http.post(apiUrl+'/login', {username: username, password: password}) .success(function(user){ console.log('logged in successfully!') $rootScope.user = user; $http.defaults.headers.common['Authorization'] = 'Bearer '+user.token; $cookieStore.put('user', user); $rootScope.$broadcast('event:loginConfirmed'); }); </pre>

##Run the project

1. I have committed the codes into my github account. Clone it into your system.

   git clone https://github.com/hantsy/angularjs-grails-sample

2. Run the backend application. Go to the server folder, and execute grails run-app command to start up the Grails application which works as a REST producer.

3. Run the frontend application. Go to the client folder, and run node scripts\web-server.js to serve the frontend application.

4. Open browser and navigate .

Enjoy!