Open santoshd opened 10 years ago
Hi @santoshd,
I think this repo is not maintained anymore.
Last versions of the plugin have been released from https://github.com/enr/grails-spring-security-oauth . If you have any improvement I'll be happy to apply your PRs; please note that in the master branch, the template has been removed and now the controller is a proper Grails artefact.
This refactored version has not been released yet.
If you prefer to continue to use templates you can start development from tag v2.0.2
Cheers, Enrico
Am a fellow-developer, recently started with grails. I wanted to run a possible defect by you to get your opinion. I hope that's ok and thank you in advance for your attention and efforts.
In SpringSecurityOAuthController.groovy, there's a call to ${userClassName}.findBy${usernameCapPropertyName}And${passwordCapPropertyName} that essentially checks if the username, password combination is valid (line # 113 https://github.com/cazacugmihai/grails-spring-security-oauth/blob/master/src/templates/SpringSecurityOAuthController.groovy.template).
For bcrypt as no two hashes are alike, by definition - this wouldn't work out of the box.
I'm guessing this is one way to fix,
Can this be useful to you as well? Would be great to hear from you on this one.
Best regards, Santosh Dawara.