org.springframework.security.web.authentication
Class AbstractAuthenticationTargetUrlRequestHandler

java.lang.Object
  extended by org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Direct Known Subclasses:
SimpleUrlAuthenticationSuccessHandler, SimpleUrlLogoutSuccessHandler

public abstract class AbstractAuthenticationTargetUrlRequestHandler
extends Object

Base class containing the logic used by strategies which handle redirection to a URL and are passed an Authentication object as part of the contract. See AuthenticationSuccessHandler and LogoutSuccessHandler, for example.

Uses the following logic sequence to determine how it should handle the forward/redirect

Since:
3.0

Field Summary
protected  org.apache.commons.logging.Log logger
           
 
Constructor Summary
protected AbstractAuthenticationTargetUrlRequestHandler()
           
 
Method Summary
protected  String determineTargetUrl(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Builds the target URL according to the logic defined in the main class Javadoc.
protected  String getDefaultTargetUrl()
          Supplies the default target Url that will be used if no saved request is found or the alwaysUseDefaultTargetUrl property is set to true.
protected  RedirectStrategy getRedirectStrategy()
           
protected  String getTargetUrlParameter()
           
protected  void handle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authentication)
          Invokes the configured RedirectStrategy with the URL returned by the determineTargetUrl method.
protected  boolean isAlwaysUseDefaultTargetUrl()
           
 void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl)
          If true, will always redirect to the value of defaultTargetUrl (defaults to false).
 void setDefaultTargetUrl(String defaultTargetUrl)
          Supplies the default target Url that will be used if no saved request is found in the session, or the alwaysUseDefaultTargetUrl property is set to true.
 void setRedirectStrategy(RedirectStrategy redirectStrategy)
          Allows overriding of the behaviour when redirecting to a target URL.
 void setTargetUrlParameter(String targetUrlParameter)
          If this property is set, the current request will be checked for this a parameter with this name and the value used as the target URL if present.
 void setUseReferer(boolean useReferer)
          If set to true the Referer header will be used (if available).
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected final org.apache.commons.logging.Log logger
Constructor Detail

AbstractAuthenticationTargetUrlRequestHandler

protected AbstractAuthenticationTargetUrlRequestHandler()
Method Detail

handle

protected void handle(javax.servlet.http.HttpServletRequest request,
                      javax.servlet.http.HttpServletResponse response,
                      Authentication authentication)
               throws IOException,
                      javax.servlet.ServletException
Invokes the configured RedirectStrategy with the URL returned by the determineTargetUrl method.

The redirect will not be performed if the response has already been committed.

Throws:
IOException
javax.servlet.ServletException

determineTargetUrl

protected String determineTargetUrl(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response)
Builds the target URL according to the logic defined in the main class Javadoc.


getDefaultTargetUrl

protected final String getDefaultTargetUrl()
Supplies the default target Url that will be used if no saved request is found or the alwaysUseDefaultTargetUrl property is set to true. If not set, defaults to /.

Returns:
the defaultTargetUrl property

setDefaultTargetUrl

public void setDefaultTargetUrl(String defaultTargetUrl)
Supplies the default target Url that will be used if no saved request is found in the session, or the alwaysUseDefaultTargetUrl property is set to true. If not set, defaults to /. It will be treated as relative to the web-app's context path, and should include the leading /. Alternatively, inclusion of a scheme name (such as "http://" or "https://") as the prefix will denote a fully-qualified URL and this is also supported.

Parameters:
defaultTargetUrl -

setAlwaysUseDefaultTargetUrl

public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl)
If true, will always redirect to the value of defaultTargetUrl (defaults to false).


isAlwaysUseDefaultTargetUrl

protected boolean isAlwaysUseDefaultTargetUrl()

setTargetUrlParameter

public void setTargetUrlParameter(String targetUrlParameter)
If this property is set, the current request will be checked for this a parameter with this name and the value used as the target URL if present.

Parameters:
targetUrlParameter - the name of the parameter containing the encoded target URL. Defaults to null.

getTargetUrlParameter

protected String getTargetUrlParameter()

setRedirectStrategy

public void setRedirectStrategy(RedirectStrategy redirectStrategy)
Allows overriding of the behaviour when redirecting to a target URL.


getRedirectStrategy

protected RedirectStrategy getRedirectStrategy()

setUseReferer

public void setUseReferer(boolean useReferer)
If set to true the Referer header will be used (if available). Defaults to false.