SVN: Merge Branch to Trunk

We are still using subversion instead of git, hopefully someday we can migrate. In the meantime I still struggle with some of the basics. From now on I will at least know to check this blog whenever I want to merge. The following method assumes no development is done on trunk, only branches are merged to it once a new release is ready.

First, we need to make sure we have all our changes in our working copy checked in before we proceed. Then we check out the trunk and switch to it:  

svn co http://server/repository/project/trunk 

svn switch http://server/repository/project/trunk 

Now we can merge:  
svn merge http://server/repository/project/trunk http://server/repository/project/branches/MyBranch 

Finally we can commit to the server:
svn ci -m "Merge MyBranch to Trunk"

Finished. :)

REST + Griffon + Grails

Okay, it has been quite a while since my last post, but I'm back. Hopefully I can post more regularly.
So, this is what I've been up to. I want to be able to expose my grails api using REST, but want to do it in a secure manner. The basic idea is that I can develop desktop apps, web apps, mobile apps, etc, and they all use the api from a central server to persist and get data.

For the moment, I'm using grails 1.3.7 and the Nimble plugin for authentication. Nimble is based on shiro and I really like it. Once it is installed, I had to add the following to Config.groovy:

 security{
shiro{
authc.required=false
filter.config="""\
[filters]
#HTTP Basic Authentication
authcBasic = org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
authcBasic.applicationName = Rest_Auth
[urls]
/author/**=authcBasic
"""
}
}


So here we are telling grails to use the specified filter to authenticate any request made to the given url. So if a user needs to access anything under author, they need to authenticate. Now, the javadoc for BasicHttpAuthenticationFilter says the following:


Requires the requesting user to be authenticated for the request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge. Upon successful login, they're allowed to continue on to the requested resource/url.
This implementation is a 'clean room' Java implementation of Basic HTTP Authentication specification per RFC 2617.
Basic authentication functions as follows:

1. A request comes in for a resource that requires authentication.
2. The server replies with a 401 response status, sets the WWW-Authenticate header, and the contents of a page informing the user that the incoming resource requires authentication.
3. Upon receiving this WWW-Authenticate challenge from the server, the client then takes a username and a password and puts them in the following format:username:password
4. This token is then base 64 encoded.
5. The client then sends another request for the same resource with the following header:Authorization: Basic Base64_encoded_username_and_password


   
   
   So now our grails app requires that any requests to author be authenticated. Now, in our griffon app, we installed the rest plugin: griffon install-plugin rest.
   
   
   The documentation for the plugin is not all that good, or maybe I'm too dumb. So I had to figure things out on my own. I found out that it actually makes extensive use of HttpBuilder : http://groovy.codehaus.org/modules/http-builder/doc
   
   The rest plugin creates an instance of RESTClient, which in turn inherits from HttpBuilder, and guess what? HttpBuilder has a property auth.basic .Here we can specify the username and password and HttpBuilder will send that to the grails application whenever authentication is required. Here is a sample of how it would be done with griffon:
   
   withRest(id:'sampleId', uri: 'http://localhost:8080/myapp'){
   
   

   auth.basic 'username', 'password' 

   
   

   def response = get(path: 'author')

   
   

   //Do something with the response 

   
   
   
   }
   
   
   Caution, the password is send in clear, so just make sure you use https. 

Nimble : Permissions, Groups & Roles

The documentation for nimble is not really all that good, however, the plugin is amazing. I feel lazy switching to spring security, so for the moment I'm sticking with nimble/shiro.

So I needed to create some default permissions, groups and roles in my application and it was taking me some time to figure out how to do this. What I had to do was to edit grails-app/conf/NimbleBootStrap.groovy and add them like this:

def adminOfficerRole = roleService.createRole('ADMIN_OFFICER','Administrative Offficers', false)
def basicMgmtGroup = groupService.createGroup('BASIC_MGMT','Group that does basic management',false)
roleService.addGroupMemeber(basicMgmtGroup,adminOfficerRole)

LevelPermission perm = new LevelPermission()
perm.populate('controller1,controller2','*',null,null,null,null)
perm.managed=false
permissionService.createPermission(perm,basicMgmtGroup)

//Add a user to a role
roleService.addMember(UserBase.findByUsername('username'),adminOfficerRole)

In our controllers we can now check for permissions as follows:

if(SecurityUtils.getSubject().isPermitted("controller:action")){
//DO SOMETHING HERE
}

Whew! Okay, now I shouldn't forget. :D

Radioactivo 98.5

While I was studying in Mexico from 1996 to 2002, my favourite radio station was Radioactivo 98.5 . It was closed down in 2002, but it left its mark in the Mexican Radiostation landscape. So when I found a link where I could listen to it once more I was delighted. It is more like a retrospective radiostation. Anyways, here is the link:

http://www.retrospectivaradial.com/playlist.pls

Intro

Okay, this is my first attempt at blogging. Have so many things on my mind, decided that maybe this is a good way to track and record them.