I went to Gr8Conf last week.
I really cannot think of a whole lot to say at the moment. I am excited that there is a lot going in the Groovy and Grails space.
Right now I will have to go through all my Grails apps and change the controllers so the create, edit and delete actions in the controllers send their work to Grails services.
I have been working on using the Grails Shiro plugin. I asked for help with it from the guy who used to maintain it, Peter Ledbrook. I was not able to get examples from other apps to work. He was not able to get things running for me either. It turns out the app I was working with was also using the Shiro-UI plugin. There were two “Auth” controllers, and that was messing things up.
I have tried working with the Grails Spring Security Core plugin. It is easy to get up and running, but writing tests for an app that uses it is pretty hard. I got it working myself, but it took a lot of Googling (and as many of you know, you Google after you have driven yourself crazy trying to figure it out on your own). The way I got it to work was a bit of a jumble in my opinion, with some Spock mocking mixed in with some core Groovy mocking. I realized why it was so hard when one of the presenters said that services should only be called from controllers. Spring Security Core requires you to run the plugin as a service from your User domain classes.
I will try to write some tests for an application using the Shiro plugin. Hopefully it will be easier.
I think the reason I had so much grief with the Spring Security tests is because a lot of tutorials do not really cover services too much. Since they are not covered, I guess people don’t think about them too much. One person I talked to said that one reason for that might be that the controller generators do not put edit, save and delete in services, so people think they can get by without them.
I might post my notes online later.