Grails Update

So I am getting back into Grails. I think my foray into Ruby and Rails might be pretty much over. I am spending more time on JVM languages these days when I have time to do something.

I am going through “Beginning Groovy, Grails and Griffon” (at….). I am kind of pausing going through that right now, and I am looking at the Spring Security plugin for Grails (see plugin page on Grails site here).

I picked this book because it had a chapter on security, and it winds up rolling its own solution. I recently watched a couple of videos by Burt Beckwith, the guy who maintains the Spring Security plugins (see them here and here). You could say he is a bit biased, but he said it is a bad idea to roll your own. In theory, you could do it, but then you spend a lot of time managing users and security, and not thinking about your app.

He said a lot of tutorials start rolling their own security when they talk about Grails filters (which you can find out about here and here). Michael Hartl rolls his own in the Rails Tutorial. The instructor at The Starter League also liked to do user authentication himself.

I personally think that is not the best way to do it. Handling users is not as complex as threading or cryptography, but on the other hand it is a pretty common thing that a web apps need. Plus it is easy to forget something (like making a way to email users their password if they forget it). Some people say that they like to do things themselves, and frequently list handing users in that category. Yet those same people never roll their own database driver. Except Lisp people. But then they insist on doing everything themselves.

Sometimes I would like to make a Grails tutorial that uses the Spring Security plugin (or perhaps the Shiro plugin) in the app. I wonder if there is a site that collects links for tutorials on how to handle users for different web apps. That way, when someone wants to try a new language and/or framework, they can get the routine stuff out of the way and get down to business. Besides, these plugins have a lot of options and ways to do things. Even if you roll your own because you like to learn new things, you can still use a plugin and learn new things along the way.


Image from “Evangeliar Ottos III”, an 11th century manuscript housed in the Bavarian State Library (Wikipedia page here); manuscript information here, citation link here, image assumed allowed under Fair Use.