0

I am developing a Grails 2.2.3 plugin for internal use, and in the plugin I would like to have the configured security settings that I use in every app. Spring Security config, Spring Security LDAP config, and custom UserDetails class and UserDetailsContextMapper class.

I have all of that taken care of, but the issue I'm having is that I cannot get the dependencies to work correctly in the plugin. It works fine if the app using the plugin into declares spring-security-core and spring-security-ldap in its plugin dependencies, but apps shouldn't have to declare this dependency - the plugin should take care of it.

So how do I get this plugin to install and use the spring-security-core and spring-security-ldap plugins correctly? Here is my BuildConfig.groovy file in the plugin:

    plugins {
        compile ":spring-security-core:1.2.7.3"
        compile ":spring-security-ldap:1.0.6"
        //Putting this in the app USING the plugin makes it work fine.
    }
grantmcconnaughey
  • 10,130
  • 10
  • 37
  • 66
  • That should transitively resolve - how are you using your plugin in the app? If it's inline, this might fail, but installing from zip or a local artifactory/nexus/etc should work fine – Burt Beckwith Jul 29 '13 at 16:41
  • I was really hoping you'd show up, Burt. It is in fact inline. I am working on developing it and working with it using a test app. I can try to package it as a zip and install it that way. – grantmcconnaughey Jul 29 '13 at 16:44
  • Update: No such luck. Am I wrong to declare this in the plugins block? Should I declare it in the dependencies block instead? – grantmcconnaughey Jul 29 '13 at 16:51
  • @BurtBeckwith I have a related issue here that perhaps you could help with: https://stackoverflow.com/questions/50494260/install-grails-spring-security-ldap-and-spring-security-core-plugin-configuratio – Bmoe May 31 '18 at 13:56

1 Answers1

2

The plugins block is correct. If it's not working after installing from a zip, you might have some cruft left over from before.

To keep things in one place, I like to remove

grails.project.class.dir = "target/classes"
grails.project.test.class.dir = "target/test-classes"
grails.project.test.reports.dir = "target/test-reports"

and replace them with

grails.project.work.dir = 'target'

so everything is under the target folder. When things get weird, run rm -rf target to force a full re-resolve and rebuild.

Then, rather than using inline plugins (which aren't great about transitive deps because we read that info from POM files now and that's not available unless you package the plugin properly) or zips, use the release plugin's maven-install script.

Add this to the plugins section (removing any older version you might have):

build ':release:2.2.1', ':rest-client-builder:1.0.3', {
   export = false
}

and after running grails compile to get it resolved, the maven-install script will be available. This packages your plugin and copies it to the right place in your $HOME/.m2/repository folder. Then if you add or uncomment mavenLocal() in the repositories block in your application's BuildConfig.groovy, you can just add a dependency for your plugin in your application as if it were released in the main repo, e.g.

plugins {
   compile ':my-cool-security-plugin:0.1'
}

Re-run grails maven-install periodically when you make changes to the plugin, and delete the target directory to force a reinstall in the app.

Burt Beckwith
  • 75,342
  • 5
  • 143
  • 156
  • Thanks for being so thorough. I tried those steps. Upon compiling the plugin, Spring Security Core and LDAP both installed into the plugin. Then I ran maven-install and a `pom.xml` file was created and it looks like it does get installed to `$HOME/.m2/repository/org/grails/plugins/security-plugin/0.1/` (hopefully that is where it belongs). But still, when I try to run the app using the plugin I get compilation errors anywhere that references `org.springframework.security.*` (imports, UserDetails implementations, etc.) So no such luck. :( – grantmcconnaughey Jul 29 '13 at 18:35
  • @grantmc How does the `BuildConfig.groovy` look like in your app where you are using your custom plugin? Specifically, do you have `inherits true` in `repositories{..}`? – dmahapatro Jul 29 '13 at 18:47
  • I checked `~/.grails/2.2.3/projects/myapp/plugins/` and my security-plugin is there, but spring-security-core and spring-security-ldap are not - despite both of them being declared in that plugin's `dependencies.groovy` file and `plugin.xml` file. – grantmcconnaughey Jul 29 '13 at 18:47
  • @dmahapatro Yes, `inherits true` is in the repositories block. The plugins section looks like this: `plugins { compile 'edu.mssu:mssu-common:0.1' }` I can manually add spring-security-core and spring-security-ldap and everything will work fine. But the idea is that I don't want to have to do that for every app that uses this plugin. I would prefer for the plugin to handle that on its own. – grantmcconnaughey Jul 29 '13 at 18:49
  • @grantmc This should not be a problem if you followed Burt's approach. Only thing I have to offer here is to try `legacyResolve true` in the `BuildConfig` of your app which I should not suggest if you already have a pom generated for your plugin appropriately which specifies the dependencies for security-* plugins. – dmahapatro Jul 29 '13 at 19:13
  • You're right. I believe it should be working, as I followed Burt's instruction step by step, but I am just not having any luck. The two plugins are even in my plugins `target/plugins/` dir. – grantmcconnaughey Jul 29 '13 at 19:22
  • I'm marking this answer as correct as it contains some great information and I'm sure I'm just doing something wrong. Thanks again, Burt. – grantmcconnaughey Jul 29 '13 at 22:26