Spring Security Plugin Authentication Failure Issue

EDITED HEADER: more related with the actual problem

I'm trying to setup spring security for my test application

i installed the plugin , created User and Role classes ;

put this to UrlMappings.groovy;

        "/login/$action?"(controller: "login")
    "/logout/$action?"(controller: "logout")

then I put a user in the bootstrap as follows,

import org.project.auth.Role
import org.project.auth.User
import org.project.auth.UserRole;

class BootStrap {
    def springSecurityService
    def init = { servletContext ->
        def userRole = Role.findByAuthority('ROLE_USER') ?: new Role(authority: 'ROLE_USER').save(failOnError: true,flush:true)
        def adminRole = Role.findByAuthority('ROLE_ADMIN') ?: new Role(autho开发者_StackOverflow中文版rity: 'ROLE_ADMIN').save(failOnError: true,flush:true)

        def adminUser = User.findByUsername('admin') ?: new User(

                username: 'admin',

                password: springSecurityService.encodePassword('admin'),

                enabled: true).save(failOnError: true,flush:true)

        print User.count()          

        if (!adminUser.authorities.contains(adminRole)) {
                    print "TEST"
            UserRole.create adminUser, adminRole,true
        }
    }
    def destroy = {
    }
}

this print User.count() returns 1 so i know the user is created , print "TEST" works as well so i know that it goes into the if block but when i run the server it fails with

Sorry, we were not able to find a user with that username and password.

I use Grails 2.0.0.M1 , do you think it might be the issue?

The User domain class in the 1.2 version of the plugin encrypts the password for you. So older code like this that uses the springSecurityService double-encodes. Change password: springSecurityService.encodePassword('admin') to password: 'admin' and it should work.

If not, turn up the debugging and you should see a message about why it's failing. Add this to Config.groovy in the log4j block:

debug 'org.springframework.security'

Also to be safe I'd change if (!adminUser.authorities.contains(adminRole)) { to if (!UserRole.findByUserAndRole(adminUser, adminRole)) { `

I ma facing the same problem but after some searching came across this. http://jira.grails.org/browse/GPSPRINGSECURITYUI-33 and http://jira.grails.org/browse/GPSPRINGSECURITYUI-27 Hope this helps. But i am unable to find the next stable version where this problem is fixed.