Also note that JSecurity has been renamed to Apache Shiro, so you should install the corresponding plugin: grails install-plugin shiro

I’m new to Grails and JSecurity. I could run basic application on grails and tried to use the JSecurity plugin. The import classes in any Realm file i create are showing up as unresolved errors. Is there a jar file I need to add somewhere to correct this?

Thanks for your time,
Ashwini

I’m afraid you caught the documentation in a transitional state as I prepare for a 1.0 release. As I was writing it, I realised that quick-start should probably do more than it does at the moment, hence the reference to a filters class. Certainly the JSecurity documentation is out of date, so that’s why I started to update the Shiro docs. As I get time, I’ll work some more on them.

On the out-of-the-box example, you could always consider the grails.org application, although I believe that uses JSecurity still. Another option is Nimble, which is based on the Shiro plugin but provides extra features, including an admin UI. I’ll probably borrow its idea of creating a BootStrap class to create some test users for quick-start.

Cheers,

Peter

http://grails.org/plugin/shiro

Imagine then that you are a new user trying for the first time to use Shiro. First of all you encounter the confusion with renaming, from jsecurity, to shiro, then to ki or whatever.

Then you begin to follow the documentation, which you immediately get stuck with because it doesn’t say how to install the plugin.

Maybe you’re smart enough to go and do a grails install-plugin shiro, but you’ll soon get stuck again because the quick-install doesn’t quite install all the files (no filter files are created) it should. As you then return to the documentation you find quite a cliff hanger at the bottom:

“Of course, there are no users in the system yet, so you can’t successfully log in. Let’s rectify that now”

THE END. That’s it. No more documentation.

Peter, I an countless others appreciate the work that’s been done here, but what good is it if you’re the only one who understands how to use it?

Please do two things before you even think of adding another feature or fixing a bug:

First of all some decent documentation needs to be written. This is critical.

Secondly it would be extremely nice if there was an out-of-the-box working example that one could download and just “grails run-app” right away.

These two things would make it so much more easy for people like myself to appreciate the time and efford you and others have put into this project. Right now it’s causing nothing but frustration.

Thanks for letting me blow off some steam here.

I’m thinking that I could always merge the new domain classes with my modified ones, but that will get a bit tedious if the upgrades are frequent and large. So I’m thinking subclassing the domain classes would be much easier.

I only need to modify the JSecUser class, though. I just want to add a few extra attributes (i.e., email). I also want to keep the database representative of the actual domain classes being used in the system. So I’m thinking of making the JSecUser class an abstract data type, so no table is created for it. This would also render the JSecUser class un-instantiable. Is that going to cause any problems with Shiro?