This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Groovy and the fly likes Grails Secure Login Design Questions and Library Choice Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Languages » Groovy
Bookmark "Grails Secure Login Design Questions and Library Choice" Watch "Grails Secure Login Design Questions and Library Choice" New topic

Grails Secure Login Design Questions and Library Choice

James Dekker
Ranch Hand

Joined: Dec 09, 2006
Posts: 215

Am planning on building user administration module using Grails and the Spring Security Core plug-in for Grails.

Also, am considering using MongoDB for the database system.


(1) What trade offs and benefits will my app gain by choosing MongoDB over MySQL or HSQLDB?

(2) Is it super easy to way to implement (meaning 3rd party Grails APIs or plug-ins and/or Spring APIs?) an app that does the following:

  • New User Registration
  • Captchas
  • Confirmation E-mail
  • Forgot Password Reset Mechanism
  • Roles
  • SSL

  • (3) Can anyone point to a tutorial that touches on how to do some of these things using Grails?

    (4) Will it be necessary to use a standard RDBMS over a NoSQL system for my app's user administration module?

    Thank you for taking the time to read this.
    James Dekker
    Ranch Hand

    Joined: Dec 09, 2006
    Posts: 215
    Since no "greenhorns" were inclined to post a reply (when someone asks they seek insight), I thought it would be fair to provide the answers to my questions:

    * The Spring Security UI plugin handles New User Registration, Confirmation E-mail, and Forgot Password Reset. The Spring Security Core plugin handles roles of course, and has support for specifying which URLs require SSL (see the docs on channel support, section "17 Channel Security").

    * You can customize the signup workflow to include a captcha - I'd recommend using the reCAPTCHA plugin:

    * There's also a MongoDB plugin:

    All of the persistence used by the Core and UI plugins is overrideable, but uses GORM by default and assumes you're using an RDBMS. But it's simple to plug in your own if you use MongoDB or some other mechanism - for example see the docs on creating a custom UserDetailsService (section "11 Custom UserDetailsService" at

    Another developer also gave his / her two cents:

    1. Not a NoSql expert but NoSql Storage are more efficent in diriect reads (the get method of grails domain classes) and are slower on complex join queries or has no support for agragation (max, min, avrg)

    2. Grails Security UI plugin has it all


    4. Grails MongoDB plugin implements the GORM functionality for MongoDB so everything should be OK (not tested directly )

    From me:

    Hopefully, we'll see more Groovy discussion regarding specific complicated design questions than just asking for working code or general troubleshooting, in the future.
    wood burning stoves
    subject: Grails Secure Login Design Questions and Library Choice
    Similar Threads
    Grails Plugins
    Grails 1.1 Web Application Development
    Griffon questions - benefits, roadmap, GORM, etc
    Spring BlazeDS Security
    I hate spending 3 weeks on the tools, not coding