New grails project – grailskit starter kit

I’ve got a small Grails project I started some time ago which I’ll announce here in case anyone is interested in helping or just using it as a base.  GrailsKit is intended to be a small starter kit for Grails projects that need web-based management of user accounts, self-registration, and basic page/controller authentication.  None of it is terribly *finished* right now, but I’m open to some input on what people are looking for and what they expect.

I’ve tried Grails plugins for Acegi, JSecurity and Authentication, and all were some state of non-documentation and were somewhat overkill for my needs.  I understand that there may be situations where people have needs to PAM authentication with fallback to Active Directory (for example) but the projects I work on simply need self-registration and role-based control over controllers.

I’m reluctant to release this on several counts, but figure ‘what the heck?’ at this point.  :)   I’ve actually over-engineered the user portion right now, and will likely strip it back down to an earlier simpler version next week.  Other things on my short to-do list include some type of ‘captcha’, a ‘click this link’ email to finalize the user registration process, web-based management of the controller permissions, and a few small modules (like a News module already started) to show how to build basic applications.

I’ve also been reluctant to do this because I’m not a Java person by training.  I’ve done a bit here and there, but I come primarily from the PHP and ‘scripting’ world, so my view on how some of these things should be put together is going to be fundamentally different from how projects and code from mainstream Java-folks will be.  I’m not sure if that’s necessarily a good thing or bad thing, or just a ‘thing’.  Certainly I’ve got more to learn from Java folks, but perhaps my PHP/Perl experience coming through in this code will be an asset to people trying to come to grips with the dynamic aspects of Groovy.

My ‘inspiration’ if you will was/is PHPNuke.  Not so much in style of code or anything like that, but those of us old enough to remember PHPNuke’s arrival on the web scene will remember the massive adoption rate it had, thanks to a simple approach.  In many ways it was *too* simple, and certainly had many flaws, security and otherwise.  But, it provided a complete package – web based user management, self registration, content management, and more, and served as a base platform for many people to extend, customize and add-on, enough so that it spawned several forks, and had hundreds of thousands of installations over the years.  Java certainly hasn’t had any web-based app with anywhere near the same adoption rate or impact, and may never do so.  But with the uptake of Grails, there may be an increase in the need for a base project like phpnuke which can serve as a framework for easy customizations and extensions.  If Grailskit can be that, or help start that process in the Grails world, I’ll be ecstatic.  If not, it’s still a good exercise for me.

In any event, try out the code, join the project site running over there, and send me any questions you have (or post here or there for now).  I’m over in Australia for the next few days, so my response time may be slower than normal – please bear with me.  Thanks.

I'm currently working on a book for web freelancers, covering everything you need to know to get started or just get better. Want to stay updated? Sign up for my mailing list to get updates when the book is ready to be released!

Web Developer Freelancing Handbook

Share and Enjoy:
  • DZone
  • Facebook
  • Reddit
  • StumbleUpon
  • Digg
  • Simpy
  • Technorati

Tags: , , , , ,

{ 5 comments to read ... please submit one more! }

  1. Hi Michael,

    Why not join the JSecurity Grails plugin effort? We’re working on automated user support & web-based user/role/permission management, automated registration, captcha, etc…

    To counter your arguments:

    GrailsKit is equally lacking in documentation, so that is not a valid argument for choosing it over Acegi or JSecurity Grails plugins.

    JSecurity also works perfectly fine with very little configuration for simple single Realm access. PAM is only there if you need it, and doesn’t get in your way. So there is nothing more inherently complex about JSecurity if you don’t use PAM.

    My concern is that I feel (naturally) that the Grails community is much better suited with a few well-designed and developed (and documented of course) plugins than a fragmented landscape, especially if there is 100% overlap of one framework on another. I guess your blog post to me sounds quite a bit like “not invented here” syndrome, when you could just easily have contributed to another project.

    We welcome your input and would gladly accept you as a project member. We would actually want you to help steer the direction of where we would go, and would value your input.

    Please consider it.



  2. I guess one could counter with why didn’t you join the acegi project? I don’t know the history, but there’s already some fragmentation in the landscape.

    Exactly right that there’s no docs in my project either right now. One can simply run it and it ‘works’ except there’s no docs there explaining what the defaults are or how to change them or other useful bits. That’s a completely valid observation and one which I’ll be addressing in the coming weeks.

    The goal of the project is to have an entire basic ‘site’ (registration, profile editing, basic cms, etc.) that people can use to extend/modify/etc. As it stands, the security portion is something I’m building on my own as this is as much an experiment about porting ideas to Grails as anything else. What I’d wanted to happen, and what might happen, is to swap out my very basic security code and put in something like jsecurity or the ‘authentication’ plugin from marc palmer, but that’s something to tackle once there’s more infrastructure in place and I understand one of the other projects more.

    To counter counter – no, I couldn’t have just as easily contributed to something else, because the other projects out there were not understandable to me when I tried them out. Perhaps I’m not enough of a Java person to grok them out of the box and I need much more detailed documentation(?) – could very well be.

    I’m not sure there’s any need for a grailskit-type project at all – I may be bringing too many PHP preconceptions to my Grails experience. Certainly other factors in framework explosions in the PHP world include readily available cheap commodity hosting, and I’m not sure we’ll see that in the Grails/Java world any time soon. Most of the Grails projects I seem to read about seem to be extensions on to existing Java code bases, which again may knock off the need for pre-canned ‘starter kit’ code. In any case, I’m going to put out some more code as I can, help anyone that wants to use this code, and see where that may lead.

    Lastly bear in mind that this was started about three months ago, and I’ve not kept up to date with other projects on a daily basis. There may have been some substantive changes which would make things easier for someone like me, but I hadn’t seen that happen when I tried new releases.

    Thanks for the response and input, and for the invitation to help on Jsecurity. If I see some aspect where I can make any sort of contribution, I’ll do so.

  3. Wow – quite embarrassed by the amount of code missing in my repo when I posted this. Was moving from local dev to svn dev mindset, and a lot was missing. I’ve added more this evening, and fixed a few things, and it’s coming along now. Another thing I was noticing as a diff between grailskit and jsecurity plugin is that for grails, jsecurity is, well, a plugin. I’d initially started looking as grailskit as a plugin, but decided against that. This will be a standalone system which one can take and start to customize immediately. For people looking to add security measures to existing code, it won’t be a good choice – existing jsecurity, acegi and authentication plugins would make more sense. For those looking to start from scratch with a system where all the parts were written to work together which you can then start to modify as needed, grailskit hopefully will be a decent option.

  4. Hi,

    I’ve seen a similar effort in the Rails space called RailsKit that I was hoping to find in the Grails world. I’m glad you started the effort.

    It doesn’t look like you’ve kept up on this. Nothing has been done since June or so of last year. Before I try to use this, what can you update me on the status of the project?


  5. I let it slide initially because I thought the other plugins – jsecurity, acegi, authentication, etc – might end up providing enough of that base infrastructure for me to build on, but they still seem *way* too complicated for the idea I was going after. Authentication doesn’t as much, and I’d looked at trying to rebuild a basic infrastructure around one of those. It still seemed way too daunting. I’m coming at this from a dynamic language person’s viewpoint (PHP, precisely) where we’ve had turnkey community/framework systems for years. Trying to port that in to the Grails world will, I think, require a 100% total ‘groovy/grails’ approach, without reliance on any external packages (outside of the stock grails install) which is Java.

    On top of some of those issues, Grails 1.0.4 seemed to change some of the nomenclature, and I was waiting for 1.1 before going much further, to see what their many-to-many approach is. 1.1 is just coming out now, so it’s time to start looking at this project again.

    If you’re interested in talking more about it, or perhaps doing some work on it with me, let me know.

{ 0 Pingbacks/Trackbacks }

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="">