org.springframework.security.web.authentication
Class SavedRequestAwareAuthenticationSuccessHandler

java.lang.Object
  extended by org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
      extended by org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
          extended by org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
All Implemented Interfaces:
AuthenticationSuccessHandler

public class SavedRequestAwareAuthenticationSuccessHandler
extends SimpleUrlAuthenticationSuccessHandler

An authentication success strategy which can make use of the DefaultSavedRequest which may have been stored in the session by the ExceptionTranslationFilter. When such a request is intercepted and requires authentication, the request data is stored to record the original destination before the authentication process commenced, and to allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for performing the redirect to the original URL if appropriate.

Following a successful authentication, it decides on the redirect destination, based on the following scenarios:

Since:
3.0

Field Summary
protected  org.apache.commons.logging.Log logger
           
 
Constructor Summary
SavedRequestAwareAuthenticationSuccessHandler()
           
 
Method Summary
 void onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authentication)
          Calls the parent class handle() method to forward or redirect to the target URL, and then calls clearAuthenticationAttributes() to remove any leftover session data.
 void setRequestCache(RequestCache requestCache)
           
 
Methods inherited from class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
clearAuthenticationAttributes
 
Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
determineTargetUrl, getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, handle, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected final org.apache.commons.logging.Log logger
Constructor Detail

SavedRequestAwareAuthenticationSuccessHandler

public SavedRequestAwareAuthenticationSuccessHandler()
Method Detail

onAuthenticationSuccess

public void onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response,
                                    Authentication authentication)
                             throws javax.servlet.ServletException,
                                    IOException
Description copied from class: SimpleUrlAuthenticationSuccessHandler
Calls the parent class handle() method to forward or redirect to the target URL, and then calls clearAuthenticationAttributes() to remove any leftover session data.

Specified by:
onAuthenticationSuccess in interface AuthenticationSuccessHandler
Overrides:
onAuthenticationSuccess in class SimpleUrlAuthenticationSuccessHandler
Parameters:
request - the request which caused the successful authentication
response - the response
authentication - the Authentication object which was created during the authentication process.
Throws:
javax.servlet.ServletException
IOException

setRequestCache

public void setRequestCache(RequestCache requestCache)