File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Groovy and the fly likes Grails Secure Login Design Questions and Library Choice Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Head First Android this week in the Android forum!
JavaRanch » Java Forums » Languages » Groovy
Bookmark "Grails Secure Login Design Questions and Library Choice" Watch "Grails Secure Login Design Questions and Library Choice" New topic

Grails Secure Login Design Questions and Library Choice

James Dekker
Ranch Hand

Joined: Dec 09, 2006
Posts: 221

Am planning on building user administration module using Grails and the Spring Security Core plug-in for Grails.

Also, am considering using MongoDB for the database system.


(1) What trade offs and benefits will my app gain by choosing MongoDB over MySQL or HSQLDB?

(2) Is it super easy to way to implement (meaning 3rd party Grails APIs or plug-ins and/or Spring APIs?) an app that does the following:

  • New User Registration
  • Captchas
  • Confirmation E-mail
  • Forgot Password Reset Mechanism
  • Roles
  • SSL

  • (3) Can anyone point to a tutorial that touches on how to do some of these things using Grails?

    (4) Will it be necessary to use a standard RDBMS over a NoSQL system for my app's user administration module?

    Thank you for taking the time to read this.
    James Dekker
    Ranch Hand

    Joined: Dec 09, 2006
    Posts: 221
    Since no "greenhorns" were inclined to post a reply (when someone asks they seek insight), I thought it would be fair to provide the answers to my questions:

    * The Spring Security UI plugin handles New User Registration, Confirmation E-mail, and Forgot Password Reset. The Spring Security Core plugin handles roles of course, and has support for specifying which URLs require SSL (see the docs on channel support, section "17 Channel Security").

    * You can customize the signup workflow to include a captcha - I'd recommend using the reCAPTCHA plugin:

    * There's also a MongoDB plugin:

    All of the persistence used by the Core and UI plugins is overrideable, but uses GORM by default and assumes you're using an RDBMS. But it's simple to plug in your own if you use MongoDB or some other mechanism - for example see the docs on creating a custom UserDetailsService (section "11 Custom UserDetailsService" at

    Another developer also gave his / her two cents:

    1. Not a NoSql expert but NoSql Storage are more efficent in diriect reads (the get method of grails domain classes) and are slower on complex join queries or has no support for agragation (max, min, avrg)

    2. Grails Security UI plugin has it all


    4. Grails MongoDB plugin implements the GORM functionality for MongoDB so everything should be OK (not tested directly )

    From me:

    Hopefully, we'll see more Groovy discussion regarding specific complicated design questions than just asking for working code or general troubleshooting, in the future.
    I agree. Here's the link:
    subject: Grails Secure Login Design Questions and Library Choice
    It's not a secret anymore!