public class SavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler
DefaultSavedRequest
which may have been stored in
the session by the ExceptionTranslationFilter
. When such a request is intercepted and requires authentication,
the request data is stored to record the original destination before the authentication process commenced, and to
allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for
performing the redirect to the original URL if appropriate.
Following a successful authentication, it decides on the redirect destination, based on the following scenarios:
alwaysUseDefaultTargetUrl
property is set to true, the defaultTargetUrl
will be used for the destination. Any DefaultSavedRequest
stored in the session will be
removed.
targetUrlParameter
has been set on the request, the value will be used as the destination.
Any DefaultSavedRequest
will again be removed.
SavedRequest
is found in the RequestCache
(as set by the ExceptionTranslationFilter
to
record the original destination before the authentication process commenced), a redirect will be performed to the
Url of that original destination. The SavedRequest
object will remain cached and be picked up
when the redirected request is received
(See SavedRequestAwareWrapper
).
SavedRequest
is found, it will delegate to the base class.
Modifier and Type | Field and Description |
---|---|
protected org.apache.commons.logging.Log |
logger |
Constructor and Description |
---|
SavedRequestAwareAuthenticationSuccessHandler() |
Modifier and Type | Method and Description |
---|---|
void |
onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Authentication authentication)
Calls the parent class
handle() method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes() to remove any leftover session data. |
void |
setRequestCache(RequestCache requestCache) |
clearAuthenticationAttributes
determineTargetUrl, getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, handle, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer
public SavedRequestAwareAuthenticationSuccessHandler()
public void onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authentication) throws javax.servlet.ServletException, IOException
SimpleUrlAuthenticationSuccessHandler
handle()
method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes()
to remove any leftover session data.onAuthenticationSuccess
in interface AuthenticationSuccessHandler
onAuthenticationSuccess
in class SimpleUrlAuthenticationSuccessHandler
request
- the request which caused the successful authenticationresponse
- the responseauthentication
- the Authentication object which was created during the authentication process.javax.servlet.ServletException
IOException
public void setRequestCache(RequestCache requestCache)