security api grails spring-security shiro

Grails Security without database implementation


I'm developing a web application with Grails 2.2.0 which does all actions through an implemented API which is calling another backend server. This means that all things, even the authentication and all related things, are done through the API and the corresponding backend server.

Now I wanted to use the SpringSecurity or Apache Shiro Plugin for authentication and role management, etc., but all of the ones I've come across use the domain classes in connection with the database, which is not what I intend to do... Is there a possibility to use any of these plugins without the database connection, without the need to customize them to a high degree? Or is there another plugin, which I'm not aware of, which could bring the functionality I need 'hassle-free'?

I hope the question itself is clear enough, otherwise please don't hesitate to ask me for a further/better explanation of my question :)


Solution

  • The Spring Security Core plugin defaults to using domain classes and a database, but it's easy to customize the source of the user and role data with a custom UserDetailsService implementation. There's a whole chapter in the docs on this.

    I also did a talk on customizing the plugin and included an example of a custom authentication provider. There's a sample app and link to the video of the talk here.
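
The custom UserDetailsService approach described in the answer, as an added example that is not taken from the answer, the talk or the plugin docs: user and role data come from the backend API and no domain class is involved. `BackendClient`, its `findUser` method and the record fields (`passwordHash`, `enabled`, `locked`, `roles`) are hypothetical stand-ins for the backend API, and the sample user is constructed.

```groovy
import org.springframework.security.authentication.AuthenticationServiceException
import org.springframework.security.core.authority.AuthorityUtils
import org.springframework.security.core.userdetails.User
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.core.userdetails.UsernameNotFoundException

// Hypothetical stand-in for the backend API client; USERS is constructed sample data.
class BackendClient {
    static final Map USERS = [alice: [passwordHash: 'constructed-placeholder-hash',
                                      enabled: true, locked: false, roles: ['admin', 'user']]]
    Map findUser(String username) { USERS[username] }
}

// Register as the 'userDetailsService' bean in grails-app/conf/spring/resources.groovy
// so the plugin uses it in place of its domain-class lookup.
class BackendUserDetailsService implements UserDetailsService {
    BackendClient backendClient = new BackendClient()   // injected in a real app

    UserDetails loadUserByUsername(String username) {
        Map record
        try {
            record = backendClient.findUser(username)
        } catch (Exception e) {
            // Fail closed: a backend error must never turn into a successful login.
            throw new AuthenticationServiceException('User lookup failed', e)
        }
        if (!record?.passwordHash) {
            // Same message for unknown users and incomplete records.
            throw new UsernameNotFoundException('User not found')
        }
        // Accept only well-formed role names from the backend, then map to ROLE_*.
        List<String> roles = (record.roles ?: []).findAll {
            it instanceof String && it ==~ /[A-Za-z_]+/
        }.collect { 'ROLE_' + it.toUpperCase(Locale.ROOT) }
        new User(username, record.passwordHash as String,
                 record.enabled == true,    // missing flag => account disabled
                 true, true,                // expiry is not modelled in this example
                 record.locked == false,    // missing flag => account locked
                 AuthorityUtils.createAuthorityList(roles as String[]))
    }
}
```

Spring Security's DaoAuthenticationProvider compares the submitted password against the hash returned here, so this fits only when the backend exposes a hash; when the backend only verifies credentials itself, the custom authentication provider mentioned in the answer is the place for that call.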