In my a previous project I was told to do authentication using spring-security where user can login with username or email and both can be case insensitive. For implementing the same I did following:
First install the spring-security-core plugin in your application and configure it. If you are new for spring-security-core plugin then go through this blog and After configuring pluging Create a Groovy class in your src/groovy directory which looks like :

class UserDetail implements GrailsUserDetailsService {
    static final List NO_ROLES =
        [new GrantedAuthorityImpl(SpringSecurityUtils.NO_ROLE)]

    UserDetails loadUserByUsername(String username, boolean loadRoles)
    throws UsernameNotFoundException {
        return loadUserByUsername(username)

    UserDetails loadUserByUsername(String username)
    throws UsernameNotFoundException {
        User.withTransaction { status ->
            User user = User.findByUsernameIlikeOrEmailIlike(username, username)
            if (!user) {
                throw new UsernameNotFoundException('User not found',
            def authorities = user.authorities.collect {
                new GrantedAuthorityImpl(it.authority)

            return new GrailsUser(user.username,
                    authorities ?: NO_ROLES,

Here we have provide our own implementation for loading the user. And after doing that you have to define this class in your conf/spring/resources.groovy like

beans = {

Here we are overriding the bean in spring. Now you are able to login with case insensitive username or email.

Hope this helps some one.