Anniversary Weekend Part 1 – Occidental

July 2, 2011 3:45 pm
occidental_map

Last weekend we took a little vacation to celebrate our 2-year anniversary.  We booked a room at the Inn at Occidental (in Occidental, CA).  It’s a tiny little town west of Santa Rosa.  The town has a population of 1,115.  It’s up in the “mountains” (for lack of a better term) surrounded by woods–nice and quiet.

There was a fish-eye-view mural on the side of a building, it really does show pretty much the entire town, excluding most of the actual houses:

IMGP5141a IMGP5143a IMGP5136a

The Inn was very nice.  They have about 20 rooms.  When we arrived they had music playing in our room for us (a CD Jess ended up buying).  The room had a Jacuzzi tub with some silly rubber ducks in it.  The ducks had trouble staying upright when actually in water.

A hot breakfast was included and was served in their dining room on the bottom floor of the main building.  They had a fixed menu each day, but were very accommodating to any desired changes.

Coming up next: Part 2 – Armstrong Redwoods, Part 3 – The Horticultural Gardens of Doom, Part 4 – The Ocean

This looks legit

June 17, 2011 7:59 am

ScreenshotI know this is legit, he says so right there in the first sentence! Borrow $5 million at 3% interest? Sign me up!

I’m actually a little impressed, the words are correctly spelled!

Coming in October…

May 31, 2011 6:42 pm

…our baby girl!

ultrasound 10tiny

That’s some good sales prediction tech

May 26, 2011 6:34 pm

I ordered something from Amazon last night. Take a look at the dates on this order status:

Screenshot
They apparently managed to ship the item before I ordered it! How’d they know! Now, if we lived on the East Coast then, sure, time zones, etc…but we live in California.

Grails Spring Security using PreAuthenticated Authentication Provider

11:09 am

This was a tricky problem I’ve been trying to solve for a little while.

If your webserver is providing the authentication service then your application simply needs to read in the `remoteUser` value out of the request header and trust it. In Grails you can do this with the Spring Security Core plugin using a PreAuthenticatedAuthenticationProvider. But it requires some configuration.

Follow the regular Spring Security Core setup process with the following adjustments.

In Config.groovy, define the providers you want available:

grails.plugins.springsecurity.providerNames = ['preAuthenticatedAuthenticationProvider', 'anonymousAuthenticationProvider']


And we need to define that preAuthenticated provider as a bean.

In resources.groovy we need:

beans = {
  userDetailsService(org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService) {
    grailsApplication = ref('grailsApplication')
  }

  userDetailsByNameServiceWrapper(org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper) {
    userDetailsService = ref('userDetailsService')
  }

  preAuthenticatedAuthenticationProvider(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider) {
    preAuthenticatedUserDetailsService = userDetailsByNameServiceWrapper
  }

  requestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) {
    principalRequestHeader = 'remoteUser'
    authenticationManager = ref('authenticationManager')
  }
}


And finally, in our BootStrap.groovy file we need to register the authentication filter:

import org.codehaus.groovy.grails.plugins.springsecurity.SecurityFilterPosition
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils

class BootStrap {
  def init = { servletContext ->
    SpringSecurityUtils.clientRegisterFilter('requestHeaderAuthenticationFilter', SecurityFilterPosition.PRE_AUTH_FILTER) 
  }
}