AbstractAuthenticationTargetUrlRequestHandler (Spring Security 3.0.0.RELEASE API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.web.authentication
Class AbstractAuthenticationTargetUrlRequestHandler

java.lang.Object
  org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

Direct Known Subclasses:: SimpleUrlAuthenticationSuccessHandler, SimpleUrlLogoutSuccessHandler

public abstract class AbstractAuthenticationTargetUrlRequestHandler
extends Object
extends Object

Base class containing the logic used by strategies which handle redirection to a URL and are passed an Authentication object as part of the contract. See AuthenticationSuccessHandler and LogoutSuccessHandler, for example.

Uses the following logic sequence to determine how it should handle the forward/redirect

If the alwaysUseDefaultTargetUrl property is set to true, the defaultTargetUrl property will be used for the destination.
If a parameter matching the targetUrlParameter has been set on the request, the value will be used as the destination.
If the useReferer property is set, the "Referer" HTTP header value will be used, if present.
As a fallback option, the defaultTargetUrl value will be used.

Since:: 3.0
Version:: $Id: AbstractAuthenticationTargetUrlRequestHandler.java 3881 2009-09-11 20:48:41Z ltaylor $
Author:: Luke Taylor

Field Summary
`static String`	`DEFAULT_TARGET_PARAMETER`
`protected org.apache.commons.logging.Log`	`logger`

Constructor Summary
`protected`	`AbstractAuthenticationTargetUrlRequestHandler()`

Method Summary
`protected String`	`determineTargetUrl(HttpServletRequest request, HttpServletResponse response)`
`protected String`	`getDefaultTargetUrl()` Supplies the default target Url that will be used if no saved request is found or the `alwaysUseDefaultTargetUrl` property is set to true.
`protected RedirectStrategy`	`getRedirectStrategy()`
`protected String`	`getTargetUrlParameter()`
`protected void`	`handle(HttpServletRequest request, HttpServletResponse response, Authentication authentication)`
`protected boolean`	`isAlwaysUseDefaultTargetUrl()`
`void`	`setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl)` If `true`, will always redirect to the value of `defaultTargetUrl` (defaults to `false`).
`void`	`setDefaultTargetUrl(String defaultTargetUrl)` Supplies the default target Url that will be used if no saved request is found in the session, or the `alwaysUseDefaultTargetUrl` property is set to true.
`void`	`setRedirectStrategy(RedirectStrategy redirectStrategy)` Allows overriding of the behaviour when redirecting to a target URL.
`void`	`setTargetUrlParameter(String targetUrlParameter)` The current request will be checked for this parameter before and the value used as the target URL if resent.
`void`	`setUseReferer(boolean useReferer)` If set to `true` the `Referer` header will be used (if available).

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

DEFAULT_TARGET_PARAMETER

public static String DEFAULT_TARGET_PARAMETER

logger

protected final org.apache.commons.logging.Log logger

Constructor Detail

AbstractAuthenticationTargetUrlRequestHandler

protected AbstractAuthenticationTargetUrlRequestHandler()

Method Detail

handle

protected void handle(HttpServletRequest request,
                      HttpServletResponse response,
                      Authentication authentication)
               throws IOException,
                      ServletException

Throws:: IOException; ServletException

determineTargetUrl

protected String determineTargetUrl(HttpServletRequest request,
                                    HttpServletResponse response)

getDefaultTargetUrl

protected String getDefaultTargetUrl()

Supplies the default target Url that will be used if no saved request is found or the alwaysUseDefaultTargetUrl property is set to true. If not set, defaults to /.

Returns:: the defaultTargetUrl property

setDefaultTargetUrl

public void setDefaultTargetUrl(String defaultTargetUrl)

Supplies the default target Url that will be used if no saved request is found in the session, or the alwaysUseDefaultTargetUrl property is set to true. If not set, defaults to /. It will be treated as relative to the web-app's context path, and should include the leading /. Alternatively, inclusion of a scheme name (such as "http://" or "https://") as the prefix will denote a fully-qualified URL and this is also supported.

Parameters:: defaultTargetUrl -

setAlwaysUseDefaultTargetUrl

public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl)

If true, will always redirect to the value of defaultTargetUrl (defaults to false).

isAlwaysUseDefaultTargetUrl

protected boolean isAlwaysUseDefaultTargetUrl()

setTargetUrlParameter

public void setTargetUrlParameter(String targetUrlParameter)

The current request will be checked for this parameter before and the value used as the target URL if resent.

Parameters:: targetUrlParameter - the name of the parameter containing the encoded target URL. Defaults to "redirect".

getTargetUrlParameter

protected String getTargetUrlParameter()

setRedirectStrategy

public void setRedirectStrategy(RedirectStrategy redirectStrategy)

Allows overriding of the behaviour when redirecting to a target URL.

getRedirectStrategy

protected RedirectStrategy getRedirectStrategy()

setUseReferer

public void setUseReferer(boolean useReferer)

If set to true the Referer header will be used (if available). Defaults to false.