org.springframework.security.saml

Class SAMLRelayStateSuccessHandler

java.lang.Object

org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler

org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

org.springframework.security.saml.SAMLRelayStateSuccessHandler

All Implemented Interfaces:

org.springframework.security.web.authentication.AuthenticationSuccessHandler

public class SAMLRelayStateSuccessHandler
extends org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

Implementation of a success handler which interprets meaning of the RelayState inside SAMLCredential as an URL to redirect user to.

Author:

Vladimir Schafer

Field Summary

Fields

Modifier and Type	Field and Description
protected static org.slf4j.Logger	log Class logger.

Fields inherited from class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

logger

Constructor Summary

Constructors

Constructor and Description
SAMLRelayStateSuccessHandler()

Method Summary

Modifier and Type	Method and Description
protected String	getTargetURL(String relayState) Method is responsible for processing relayState and returning URL the system can redirect to.
void	onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, org.springframework.security.core.Authentication authentication) Implementation tries to load RelayString from the SAMLCredential authentication object and in case the state is present uses it as the target URL.

Methods inherited from class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

setRequestCache

Methods inherited from class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler

clearAuthenticationAttributes

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

determineTargetUrl, getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, handle, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

protected static final org.slf4j.Logger log

Class logger.

Constructor Detail

SAMLRelayStateSuccessHandler

public SAMLRelayStateSuccessHandler()

Method Detail

onAuthenticationSuccess

public void onAuthenticationSuccess(HttpServletRequest request,
                                    HttpServletResponse response,
                                    org.springframework.security.core.Authentication authentication)
                             throws ServletException,
                                    IOException

Implementation tries to load RelayString from the SAMLCredential authentication object and in case the state is present uses it as the target URL. In case the state is missing behaviour is the same as of the SavedRequestAwareAuthenticationSuccessHandler.

Specified by:

onAuthenticationSuccess in interface org.springframework.security.web.authentication.AuthenticationSuccessHandler

Overrides:

onAuthenticationSuccess in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

Throws:

ServletException

IOException

getTargetURL

protected String getTargetURL(String relayState)

Method is responsible for processing relayState and returning URL the system can redirect to. Method can decide to ignore the relayState and redirect user to default location by returning null.

Parameters:

relayState - relay state to process, can be null

Returns:

null to ignore the state, URL to redirect to otherwise