At long long last I’ve released my authentication plugin for Grails.
My mission is to make authentication and authorisation as simple as possible. I just don’t get on with the complexity of Acegi etc, and they just don’t feel very Grailsy. So I chose a simple event model. You override the events you want, and provide your own domain or backing store class for user info if you want.
However out of the box in the immortal words of our favourite fruit, "It just works". You just add login/signup forms using the supplied auth:form tag and check if the user is logged in in your code using authenticationService.isLoggedIn(request) in your controller or filter, or use authenticationService.filterRequest in a filter to have it "do the right thing" and just ask your app via the onCheckAuthorized event which passes you in all the info you need to decide if the user can access the requested resource.
We’re already using this in production and it has gone through several iterations over the past year. There will be bugs, but there is also documentation. Which may have errata also. Let me know!
To install it use: grails install-plugin authentication