So I after duplicated the error with tomcat, I realized it's a Grails bug of some sort blocking JEE container managed security instead of a problem with my configuration of Grails's Jetty.
http://jira.codehaus.org/browse/GRAILS-1778Anyway, assuming the bug can be fixed....
I am planning to add support for managing JEE security that others can use. I assume I won't be the only JEE developer adding Grails into the mix where container managed security is used. I started a plugin to manage the web.xml configuration. I could just support a file, say web-security.xml, that is the web.xml fragment for security or do something with Groovy code instead of xml. I'm open to suggestions.
However, this won't work without changes to Grails so that developers can enable container managed realms in Grails's Jetty. I am currently just hacking RunApp.groovy. But I'd like to come up with a strategy that can make it into Grails proper. Any ideas?
thanks,
Steve
Steve Tekell wrote:
I am having trouble getting standard JEE security working with Grails and Jetty. How do I get this working with Grail's Jetty?
Here's what I tried.
I altered RunApp.groovy and added (for configureHttpServer)
HashUserRealm myrealm = new HashUserRealm("MyRealm","${grailsHome}/conf/realm.properties");
server.setUserRealms((UserRealm[])[myrealm]);
that's based on what I saw here:
http://docs.codehaus.org/display/JETTY/How+to+Configure+Security+with+Embedded+Jettythen I added that same security xml into web2.4template.xml.
and of course I created the realm.properties files for the HashUserRealm
It's starts up without error, but loading the app in the browser, I get:
Error 401 - Internal Error.
And the shell output was just:
INFO: Initializing Spring FrameworkServlet 'grails-errorhandler'
I also tried the programmatic security without a web.xml with the same result.
any help is appreciated.
