I have gone a good distance in spring-security-core-2.0-RC5 (SSC) with Grails 2.5, but still a lot to cover. I am wondering how to achieve two tasks. So far and after integrating SSC in my project, I built a dispatcher that takes care of routing users to different landing pages according to their roles. This link shows how I do it. What I am wondering how others are doing is these two tasks:
- How to customize the landing page. For example, instead of the typical "Please Login", I need to say "Please login using your provided username and password" plus an image or something. This means I have to override (or overwrite) the existing login page. What is the best way to do this?
- The more important. When a user is logged in, I route them to different pages based on their roles, or even log them out if their account is
!enabled. However, what I can't do is be in control when the user has no credentials at all. What I would like to do is instead of displaying the typical "Sorry, we were not able to find a user with that username and password.", I would like to intercept the behaviour and perform some actions before redirecting users to the logout/login page (actions like a web service request for example). How can I achieve this please - to be able to make certain tasks on behalf of non-authorized users?
For Task1 (custom login page) you Just have to place a auth.gsp page in 'app/views/login/auth.gsp'