benorama
commented
10 years ago Have you checked http://grails.org/plugin/spring-security-oauth? If you want to use Spring Security Core with Facebook Connect, it might simpler to integrate, isn't it?
I don't know much about Spring Security Core and just tried it a few times and it looked overcomplicated for our needs.
It looks like user registration/identification is mainly based on username+password and then you can associate FB/Twitter account to an existing account or create a new one on first authentication. Which does not fit very well with pure Facebook or Twitter auth.
To workaround that, you're going to automatically generate a username and a password after initial connect?
PatrickHuetter
Hi together,
i wouldn't like to use other plugins or dependencies to build a facebook registration/login. I decided to use the login button, provided by this plugin and build a spring security core2 login and registration.
My idea: 1) User clicks on login button and if he isn't registered yet, facebook will show the permission dialog. 2) User is ready and callback function of login button gets called. 3) The callback function sends the authToken, email, name and prename via RPC to the application where it will check wether the user already exists or is a new one (by email). If it is a new one, the app will create a new user with the given params. 4) After callback function suceeded the page reloads (as said in documentation). So i need a filter wich checks wether the user is authenticated with facebook and if yes, authenticate the user with spring security core2. 5) After page reload the user should be logged in.
Is this a good way to implement this, or does somebody have a better solution?