3 Migrating from the Acegi Plugin - Reference Documentation
Authors: Burt Beckwith, Beverley Talbott
Version: 1.2.7.3
3 Migrating from the Acegi Plugin
If you formerly used the Acegi plugin, change your application configuration settings as follows.| Setting | Spring Security Plugin | Acegi Plugin |
|---|---|---|
| Enabled by default | true | false |
| Cache UserDetails by default | false | true |
| Configuration location | grails-app/conf/ Config.groovy | grails-app/conf/ SecurityConfig.groovy |
| Security service | springSecurityService | authenticateService |
The plugin's configuration values all start withgrails.plugins.springsecurityto distinguish them from similarly named options in Grails and from other plugins. You must specify all property overrides with thegrails.plugins.springsecuritysuffix. For example, you specify the attributepassword.algorithmas:ingrails.plugins.springsecurity.password.algorithm='SHA-512'Config.groovy
| Acegi Plugin | Spring Security Plugin |
|---|---|
| active | active |
| loginUserDomainClass | userLookup.userDomainClassName |
| userName | userLookup.usernamePropertyName |
| enabled | userLookup.enabledPropertyName |
| password | userLookup.passwordPropertyName |
| relationalAuthorities | userLookup.authoritiesPropertyName |
| getAuthoritiesMethod | N/A |
| authorityDomainClass | authority.className |
| authorityField | authority.nameField |
| authenticationFailureUrl | failureHandler.defaultFailureUrl |
| ajaxAuthenticationFailureUrl | failureHandler.ajaxAuthFailUrl |
| defaultTargetUrl | successHandler.defaultTargetUrl |
| alwaysUseDefaultTargetUrl | successHandler.alwaysUseDefault |
| filterProcessesUrl | apf.filterProcessesUrl |
| key | anon.key |
| userAttribute | anon.userAttribute |
| loginFormUrl | auth.loginFormUrl |
| forceHttps | auth.forceHttps |
| ajaxLoginFormUrl | auth.ajaxLoginFormUrl |
| afterLogoutUrl | logout.afterLogoutUrl |
| errorPage | adh.errorPage |
| ajaxErrorPage | adh.ajaxErrorPage |
| ajaxHeader | ajaxHeader |
| algorithm | password.algorithm |
| encodeHashAsBase64 | password.encodeHashAsBase64 |
| cookieName | rememberMe.cookieName |
| alwaysRemember | rememberMe.alwaysRemember |
| tokenValiditySeconds | rememberMe.tokenValiditySeconds |
| parameter | rememberMe.parameter |
| rememberMeKey | rememberMe.key |
| useLogger | registerLoggerListener |
| useRequestMapDomainClass | securityConfigType = "Requestmap" |
| requestMapClass | requestMap.className |
| requestMapPathField | requestMap.urlField |
| requestMapConfigAttributeField | requestMap.configAttributeField |
| useControllerAnnotations | securityConfigType = "Annotation" |
| controllerAnnotationsMatcher | controllerAnnotations.matcher |
| controllerAnnotationsMatchesLowercase | controllerAnnotations.lowercase |
| controllerAnnotationStaticRules | controllerAnnotations.staticRules |
| controllerAnnotationsRejectIfNoRule | rejectIfNoRule |
| requestMapString | N/A - securityConfigType = "InterceptUrlMap" is very similar |
| realmName | basic.realmName |
| basicProcessingFilter | useBasicAuth |
| switchUserProcessingFilter | useSwitchUserFilter |
| swswitchUserUrl | switchUser.switchUserUrl |
| swexitUserUrl | switchUser.exitUserUrl |
| swtargetUrl | switchUser.targetUrl |
| useMail | N/A - registration is supported in the UI plugin |
| mailHost | N/A - registration is supported in the UI plugin |
| mailUsername | N/A - registration is supported in the UI plugin |
| mailPassword | N/A - registration is supported in the UI plugin |
| mailProtocol | N/A - registration is supported in the UI plugin |
| mailFrom | N/A - registration is supported in the UI plugin |
| mailPort | N/A - registration is supported in the UI plugin |
| defaultRole | N/A - registration is supported in the UI plugin |
| useOpenId | N/A - supported in the OpenID plugin |
| openIdNonceMaxSeconds | N/A - supported in the OpenID plugin |
| useLdap | N/A - supported in the LDAP plugin |
| ldapRetrieveGroupRoles | N/A - supported in the LDAP plugin |
| ldapRetrieveDatabaseRoles | N/A - supported in the LDAP plugin |
| ldapSearchSubtree | N/A - supported in the LDAP plugin |
| ldapGroupRoleAttribute | N/A - supported in the LDAP plugin |
| ldapPasswordAttributeName | N/A - supported in the LDAP plugin |
| ldapServer | N/A - supported in the LDAP plugin |
| ldapManagerDn | N/A - supported in the LDAP plugin |
| ldapManagerPassword | N/A - supported in the LDAP plugin |
| ldapSearchBase | N/A - supported in the LDAP plugin |
| ldapSearchFilter | N/A - supported in the LDAP plugin |
| ldapGroupSearchBase | N/A - supported in the LDAP plugin |
| ldapGroupSearchFilter | N/A - supported in the LDAP plugin |
| ldapUsePassword | N/A - supported in the LDAP plugin |
| useKerberos | N/A - will be supported in a secondary plugin |
| kerberosLoginConfigFile | N/A - will be supported in a secondary plugin |
| kerberosRealm | N/A - will be supported in a secondary plugin |
| kerberosKdc | N/A - will be supported in a secondary plugin |
| kerberosRetrieveDatabaseRoles | N/A - will be supported in a secondary plugin |
| useHttpSessionEventPublisher | useHttpSessionEventPublisher |
| cacheUsers | cacheUsers |
| useCAS | N/A - supported in the CAS plugin |
| cas.casServer | N/A - supported in the CAS plugin |
| cas.casServerPort | N/A - supported in the CAS plugin |
| cas.casServerSecure | N/A - supported in the CAS plugin |
| cas.localhostSecure | N/A - supported in the CAS plugin |
| cas.failureURL | N/A - supported in the CAS plugin |
| cas.defaultTargetURL | N/A - supported in the CAS plugin |
| cas.fullLoginURL | N/A - supported in the CAS plugin |
| cas.fullServiceURL | N/A - supported in the CAS plugin |
| cas.authenticationProviderKey | N/A - supported in the CAS plugin |
| cas.userDetailsService | N/A - supported in the CAS plugin |
| cas.sendRenew | N/A - supported in the CAS plugin |
| cas.proxyReceptorUrl | N/A - supported in the CAS plugin |
| cas.filterProcessesUrl | N/A - supported in the CAS plugin |
| useNtlm | N/A - will be supported in a secondary plugin |
| ntlm.stripDomain | N/A - will be supported in a secondary plugin |
| ntlm.retryOnAuthFailure | N/A - will be supported in a secondary plugin |
| ntlm.forceIdentification | N/A - will be supported in a secondary plugin |
| ntlm.defaultDomain | N/A - will be supported in a secondary plugin |
| ntlm.netbiosWINS | N/A - will be supported in a secondary plugin |
| httpPort | portMapper.httpPort |
| httpsPort | portMapper.httpsPort |
| secureChannelDefinitionSource | N/A, use secureChannel.definition |
| channelConfig | secureChannel.definition |
| ipRestrictions | ipRestrictions |
| useFacebook | N/A - will be supported in the Facebook plugin |
| facebook.filterProcessesUrl | N/A - will be supported in the Facebook plugin |
| facebook.authenticationUrlRoot | N/A - will be supported in the Facebook plugin |
| facebook.apiKey | N/A - will be supported in the Facebook plugin |
| facebook.secretKey | N/A - will be supported in the Facebook plugin |