Java Groovy Grails 2019. 12. 5. 02:29
	// this cookie works only WP is on the same server
	def get_wp_cookie(String username, String password){ // will not work in server-side. use client-side javascript version
			def JSONURL="http://"+api_server_ip+port_number+"/static/wp/api/user/generate_auth_cookie/?insecure=cool&username="+username+"&password="+password+"&seconds=3600"
			println JSONURL
			def jsonText = ""
				jsonText=JSONURL.toURL().getText(connectTimeout: 30000, readTimeout: 60000, requestProperties: [Accept: 'application/json'])
			catch (e){
				flash.message="WP autologin failed. (WP username is not found)"

			JsonSlurper jsonSlurper = new JsonSlurper()
			Object result = jsonSlurper.parseText(jsonText)
			Map jsonResult = (Map) result;
			String status = (String) jsonResult.get("status")
			if (status=="ok"){
				String gcookie_name = (String) jsonResult.get("cookie_name")
				String gcookie = (String) jsonResult.get("cookie")

				Cookie cookie = new Cookie(gcookie_name,gcookie)
				cookie.maxAge = 100
				cookie.setDomain(domain4cookie) // ******* this works only when domain is same as the code is running. Or will be rejected
				println "WP cookie generation is success: "+gcookie_name+"="+gcookie
			} else{
				String error = (String) jsonResult.get("error")
				println "WP cookie generation is failed: "+error


	def authenticated_then_setcookie(){
		//println "Call authenticate_then_setcookie()"
		def user = springSecurityService.currentUser
		//log.debug user.username+" autologin WP" 
		def usernameFound=""
		def passwordFound=""
		Cookie[] cookies = request.getCookies();
		if (cookies != null) {
		 for (Cookie cookie : cookies) {
		   if (cookie.getName().equals("u4wp")) {
			 //println "cookie found: u4wp="+ cookie.getValue()
		   if (cookie.getName().equals("p4wp")) {
			//println "cookie found: p4wp="+ cookie.getValue()
			println "no cookie"
		if (usernameFound && passwordFound){
			if (SpringSecurityUtils.ifAllGranted('ROLE_ADMIN')){
				get_wp_cookie(usernameFound, passwordFound)
				flash.message="WP login is auto-login-ed"
			} // do only when non-superuser
			else {
				flash.message = "You are loggedin as superusr. Be careful about changing anything."
			flash.message="WP login was not successful. Try to make passwords same on both."
		//render view: "/formula/periodic_table_search3"
		redirect uri: "/home"

Wordpress site should be in the same server. This plugin also need to be installed:


JSON API User is a plugin that extends the JSON API Plugin to allow RESTful user registration and Profile fields

JSON API User is a plugin that extends the JSON API Plugin with a new Controller to allow RESTful user registration, password reset, RESTful Facebook Login, RESTful User Meta and BuddyPress xProfile methods. This plugin is for WordPress/Mobile app develope

Finally, add the following line in grails-app/conf/application.groovy

grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/login/authenticated_then_setcookie'
posted by kimsooil