org.springframework.security.web.authentication
Class SavedRequestAwareAuthenticationSuccessHandler
java.lang.Object
org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
- All Implemented Interfaces:
- AuthenticationSuccessHandler
public class SavedRequestAwareAuthenticationSuccessHandler
- extends SimpleUrlAuthenticationSuccessHandler
An authentication success strategy which can make use of the DefaultSavedRequest which may have been stored in
the session by the ExceptionTranslationFilter. When such a request is intercepted and requires authentication,
the request data is stored to record the original destination before the authentication process commenced, and to
allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for
performing the redirect to the original URL if appropriate.
Following a successful authentication, it decides on the redirect destination, based on the following scenarios:
-
If the alwaysUseDefaultTargetUrl property is set to true, the defaultTargetUrl
will be used for the destination. Any DefaultSavedRequest stored in the session will be
removed.
-
If the targetUrlParameter has been set on the request, the value will be used as the destination.
Any DefaultSavedRequest will again be removed.
-
If a
DefaultSavedRequest is found in the RequestCache (as set by the ExceptionTranslationFilter to
record the original destination before the authentication process commenced), a redirect will be performed to the
Url of that original destination. The DefaultSavedRequest object will remain cached and be picked up
when the redirected request is received (See SavedRequestAwareWrapper).
-
If no DefaultSavedRequest is found, it will delegate to the base class.
- Since:
- 3.0
- Version:
- $Id: SavedRequestAwareAuthenticationSuccessHandler.java 3883 2009-09-13 15:03:14Z ltaylor $
- Author:
- Luke Taylor
|
Field Summary |
protected org.apache.commons.logging.Log |
logger
|
| Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler |
determineTargetUrl, getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, handle, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
logger
protected final org.apache.commons.logging.Log logger
SavedRequestAwareAuthenticationSuccessHandler
public SavedRequestAwareAuthenticationSuccessHandler()
onAuthenticationSuccess
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response,
Authentication authentication)
throws ServletException,
IOException
- Description copied from interface:
AuthenticationSuccessHandler
- Called when a user has been successfully authenticated.
- Specified by:
onAuthenticationSuccess in interface AuthenticationSuccessHandler- Overrides:
onAuthenticationSuccess in class SimpleUrlAuthenticationSuccessHandler
- Parameters:
request - the request which caused the successful authenticationresponse - the responseauthentication - the Authentication object which was created during the authentication process.
- Throws:
ServletException
IOException
setRequestCache
public void setRequestCache(RequestCache requestCache)
Copyright © 2004-2009 SpringSource, Inc. All Rights Reserved.