Grails 3.2.4 Application Won't Load After Adding Spring Security Plugin 3.1.1

Question

I generated a new Grails 3.2.4 application. I generated some domain objects, controllers, and services, then got the app to compile and run. I then added the following line to my build.gradle.

    dependencies {
      ...
      compile "org.grails.plugins:spring-security-core:3.1.1"
      ...
   }

I then ran the following command, as specified in the plugin docs .

grails s2-quickstart --uiOnly

I already had User, Role, and UserRole classes defined, which I pointed to in the application.groovy that this command generated, as well as defining:

grails.plugin.springsecurity.active = true

I also added some usages of the <sec:ifNotGranted> tag to some of my views.

As far as I can tell from the docs, I shouldn't have to do anything else. The Spring Security properties should have default values defined in the DefaultSecurityConfig.groovy file provided by the plugin, according to the docs linked above. However, the application will not even run now. The first error I got was:

    groovy.lang.MissingMethodException: No signature of method: static grails.plugin.springsecurity.SpringSecurityUtils.findFilterChainNames() is applicable for argument types: (org.grails.config.NavigableMap$NullSafeNavigator, java.lang.Boolean, java.lang.Boolean, java.lang.Boolean, java.lang.Boolean, java.lang.Boolean, groovy.util.ConfigObject) values: [[:], false, false, false, false, false, [:]]
Possible solutions: findFilterChainNames(java.lang.Object, boolean, boolean, boolean, boolean, boolean, boolean)
    at groovy.lang.MetaClassImpl.invokeStaticMissingMethod(MetaClassImpl.java:1503)
    at groovy.lang.MetaClassImpl.invokeStaticMethod(MetaClassImpl.java:1489)
    at org.codehaus.groovy.runtime.callsite.StaticMetaClassSite.call(StaticMetaClassSite.java:53)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
    at grails.plugin.springsecurity.ReflectionUtils.findFilterChainNames(ReflectionUtils.groovy:214)

I looked in the code where findFilterChainNames is called , and the issue is that there are some properties that should have default boolean values of either true or false (according to the docs above), but instead they aren't defined at all, causing the error shown here. I confirmed that if I define those properties myself in application.groovy, this error goes way. However, it is replaced by another error for the next undefined property the Spring Security code runs into, and so on, for each property I attempt to define myself, even though I shouldn't have to, according to the docs.

I stepped through the code where the default values from DefaultSecurityConfig.groovy should be merged into the values defined in the application.groovy . However, when DefaultSecurityConfig is loaded from the classpath and parsed in, the properties I see in the file do not end up in the returned configuration map.

I cannot figure out what I'm doing wrong, as I followed the instructions in the documentation. I tried searching for similar issues online, but couldn't find anything. Does anyone have any ideas or has anyone else run into this?

Answer 1

Whelp, I figured it out. I was stepping further into the code that should be merging the properties from the provided DefaultSecurityConfig and I noticed that a) as it was stepping through the DefaultSecurityConfig file, the breakpoints weren't lining up with the code and b) some of the returned properties had the old grails.plugins prefix instead of the new grails.plugin prefix. This got me suspicious that somehow an old version of DefaultSecurityConfig (and possibly other groovy classes) were being pulled in instead of the proper versions. I thus emptied out my ~/.grails, ~/.gradle, and ~/.m2 directories of all cached jars and classes. After that, my application seems to properly initialize Spring Security (it then fails due to being unable to find a bean that I have configured Spring Security to use as a logout handler, and I'm not sure why, but that seems to be unrelated to this issue).

Answer 2

I am using grails 3.2.8 and after configuring Spring security ldap, form based Authentication worked fine.

However, when I switched to Basic Authentication, I had same error. I was using application.properties file for configuration props for ldap and setting Basic Authentication to true.

grails.plugin.springsecurity.useBasicAuth = true

Added to application.yml and everything worked file.