R – Why does registering a new user using the ACEGI plugin for GRAILS give a “Default Role not found.” error

grailssecurity-rolesspring-security

Perhaps put a different way, how do I set up a default security role for newly registered users in Grails using teh ACEGI plug-in?

I have followed the acegi/grails tutorial here and am using controller annotations – although I haven't secured anything yet.

I added a second role called WEB_USER and have successfully added a User to that role.

When I use the register controller fro another new user, however, I get an error message from Grails saying "Default role not found".

I could see how I could code my way roughly out of this by either handling a null role list in the appropriate create method, or even posting a default role name back as a hidden field from the registration view, but they feel un-Grails.

I think I ought to be able to define this either in the User domain class itself or somehow in the relationship in the database between the user and role tables.

What's the intended means to define a default role, and why am I getting this message.

Oh, and how do you pronounce acegi?

Best Solution

This is a documentation issue. The register page doesn't allow you to select roles since it's expected that it'll be a public signup page. At least one role is required when creating a user so it expects that there's a 'default' role configured for this workflow.

You can set the default role in SecurityConfig.groovy with the 'defaultRole' attribute. By default it's 'ROLE_USER' but it can be whatever you want. There has to be an Authority instance with this value before users can register.

The pronunciation is in the FAQ - http://www.acegisecurity.org/faq.html

Related Question