Grails: Using recaptcha with spring security core for brute force defender
based in: Brute Force Defender
- Grails 2.3.2+
- Spring Security Core Plugin (2.0-RC3+)
- ReCaptcha Plugin (0.6.9+)
-
clone the repository: git clone https://github.com/rpalcolea/recaptcha-spring-security.git
-
Enter to the repository via command line.
-
package the plugin: grails package-plugin
Configure recaptcha plugin
And then Add the following lines to your Grails Config.groovy file:
bruteforcedefender {
time = 5
allowedNumberOfAttempts = 3
}
time = minutes mantaining failed attempts allowed NumberOfAttempts = number of failed attempts before showing the recaptcha widget.
Open your auth.gsp (/grails-app/views/login/auth.gsp) and add the next line wherever you want to render the recaptcha after the attempts.
<g:recaptchaLogin/>
Note: The plugin depends on spring security authentication events and so it sets grails.plugin.springsecurity.useSecurityEventListener = true
Thanks to Vinco Orbis and Burt Beckwith
Thanks to JetBrains for Awesome IntelliJ Idea