Class SavedRequestAwareAuthenticationSuccessHandler
- java.lang.Object
-
- org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
- org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
-
- org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
-
- All Implemented Interfaces:
AuthenticationSuccessHandler
public class SavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler
An authentication success strategy which can make use of theDefaultSavedRequest
which may have been stored in the session by theExceptionTranslationFilter
. When such a request is intercepted and requires authentication, the request data is stored to record the original destination before the authentication process commenced, and to allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for performing the redirect to the original URL if appropriate.Following a successful authentication, it decides on the redirect destination, based on the following scenarios:
-
If the
alwaysUseDefaultTargetUrl
property is set to true, thedefaultTargetUrl
will be used for the destination. AnyDefaultSavedRequest
stored in the session will be removed. -
If the
targetUrlParameter
has been set on the request, the value will be used as the destination. AnyDefaultSavedRequest
will again be removed. -
If a
SavedRequest
is found in theRequestCache
(as set by theExceptionTranslationFilter
to record the original destination before the authentication process commenced), a redirect will be performed to the Url of that original destination. TheSavedRequest
object will remain cached and be picked up when the redirected request is received (See SavedRequestAwareWrapper). -
If no
SavedRequest
is found, it will delegate to the base class.
- Since:
- 3.0
-
-
Field Summary
Fields Modifier and Type Field Description protected org.apache.commons.logging.Log
logger
-
Constructor Summary
Constructors Constructor Description SavedRequestAwareAuthenticationSuccessHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authentication)
Calls the parent classhandle()
method to forward or redirect to the target URL, and then callsclearAuthenticationAttributes()
to remove any leftover session data.void
setRequestCache(RequestCache requestCache)
-
Methods inherited from class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
clearAuthenticationAttributes
-
Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
determineTargetUrl, determineTargetUrl, getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, handle, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.springframework.security.web.authentication.AuthenticationSuccessHandler
onAuthenticationSuccess
-
-
-
-
Method Detail
-
onAuthenticationSuccess
public void onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authentication) throws javax.servlet.ServletException, java.io.IOException
Description copied from class:SimpleUrlAuthenticationSuccessHandler
Calls the parent classhandle()
method to forward or redirect to the target URL, and then callsclearAuthenticationAttributes()
to remove any leftover session data.- Specified by:
onAuthenticationSuccess
in interfaceAuthenticationSuccessHandler
- Overrides:
onAuthenticationSuccess
in classSimpleUrlAuthenticationSuccessHandler
- Parameters:
request
- the request which caused the successful authenticationresponse
- the responseauthentication
- the Authentication object which was created during the authentication process.- Throws:
javax.servlet.ServletException
java.io.IOException
-
setRequestCache
public void setRequestCache(RequestCache requestCache)
-
-