jeffwils / grails-spring-security-saml

Grails Spring Security SAML2.0 Plugin for Grails 3

Skipping auth.gsp #9

Closed dzikiplankton closed 7 years ago

dzikiplankton commented 7 years ago

Hi,

It may not be an issue, but if I turn on this plugin in my project, it skips auth.gsp and forwards me to the IdP provider. (For development I'm using SSO Circle.) My goal is to have two user bases: one in the application database and one provided by SAML.

Is this behavior fixed for the plugin, or just connected with the provider I'm using?

Additionally, I would like to grant all users logged in with SAML some role which is not stored in the IdP provider response. Can I achieve that without saving users in the database?

jeffwils commented 7 years ago
  1. That is exactly what the plugin is designed to do (redirect to an IdP for authentication).
    To achieve alternative authentication, you may have to change the order of the grails.plugin.springsecurity.providerNames. You will need daoAuthenticationProvider and samlAuthenticationProvider. However, you may also need to customize some classes in the Spring Security setup if you want to dynamically determine which authentication path someone should take.

  2. You will need to override the userDetailsService bean in resources.groovy. You do this by creating your own class in your project and subclassing it from the SpringSamlUserDetailsService class in the plugin code. You will need to override the getAuthoritiesForUser method and just put in some code to add your custom role.

Both things you are trying to do are possible, but they will require some additional coding on your part and a really good working knowledge of Spring.

dzikiplankton commented 7 years ago

Thanks!!