Grails and OpenId

 Technology  Add comments
Nov 162009
 

Do your users a favor . Use OpenId in your website, rather than having them to create yet another user account.

I haven’t ready any statistics around this, but if I am the so called average user – I guess, I am 75% less likely to register for your website , even if that comes at the cost of having to do without your services.

How I got it working

Getting OpenId to work with Grails wasn’t bad at all.

I used the Acegi security plugin for this – it seems to be the de-facto choice (, at least at the time of this writing).

The tutorials I used were pretty OK. They show you how to use Acegi as well as OpenId. I guess these could have been structured a bit better to avoid repetition and also had some outdated information. The tutorial for OpenId did miss couple of things, which I have mentioned below.

1) You will need Xerces library files when you switch the flag to OpenId. If not- you will see a NoClassDefFoundError at startup, something like this

java.lang.NoClassDefFoundError: org/apache/xerces/parsers/DOMParser

2) The OpenId tutorial asks you to remove references to password from the domain classes and the GSPs.  You will find an additional reference in UserController.groovy

3) While testing myopenid , I realized that Acegi doesn’t handle trailing bakslash in userIds very well. My id on myopenId is http://<myid>.myopenid.com/ (Note the trailing backslash) . I have created the user in my database as http://<myid>.myopenid.com (sans the trailing baclslash). When I try to login, it takes me to the MyopenId for authentication against my account just fine, but is then later on unable to find the user on the local database. This is the exception that I saw

org.springframework.security.userdetails.UsernameNotFoundException

Versions

Grails: 1.1.1

Acegi 0.5.2

Overall, Grails+Acegi+OpenId was quite a smooth experience. OpenId is not perfect and does have drawbacks, but IMHO is better than having to create a user account for each and every website you want to use.

And honor as at may be, I really don’t want to store your passwords.

Be Sociable, Share!
 Posted by Rajiv Narula at 2:25 pm  Tagged with: , , , ,
  • Steven Herod

    I’m sorry, I disagree.

    Yes, OpenId setup for the developer is dead simple on Grails, but OpenId is nothing but pain from a user perspective.

    StackOverflow does it right with a single click, but the enter your URL thing is total user experience death.

    I actively AVOID using open id, I’d rather register, 1Password takes care of the account problems.

  • http://www.rajivnarula.com Rajiv Narula

    Hey Steven
    I agree Stackoverflow got it right . Dzone’s implementation is more like what you said and I agree- its a nightmare.

    And I do recognize,that OpenId has its quirks ,but I still believe it’s the step in the right direction. But I hope the application that I am working on , whenever ready – will not drive you away just because it uses OpenId :)

  • http://www.viqsoft.com Arcko

    Make OpenId an optional choice on the login page should be ok.

  • http://www.rajivnarula.com Rajiv Narula

    Arcko,
    So far I am inclined to keep it as the only option- much like StackOverflow

    But then I really havent done true analysis to take a hard decision.
    maybe it worked for SO- because its audience is very tech-savvy.

  • http://simmeon.co.uk Simmeon

    Always give the user a choice never make it a default or you will loose people.

   
© 2011 Technology Cafe Suffusion theme by Sayontan Sinha