public class SavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler
DefaultSavedRequest
which may have been stored in the session by the
ExceptionTranslationFilter
. When such a request is intercepted and requires
authentication, the request data is stored to record the original destination before
the authentication process commenced, and to allow the request to be reconstructed when
a redirect to the same URL occurs. This class is responsible for performing the
redirect to the original URL if appropriate.
Following a successful authentication, it decides on the redirect destination, based on the following scenarios:
alwaysUseDefaultTargetUrl
property is set to true, the
defaultTargetUrl
will be used for the destination. Any
DefaultSavedRequest
stored in the session will be removed.targetUrlParameter
has been set on the request, the value will be used
as the destination. Any DefaultSavedRequest
will again be removed.SavedRequest
is found in the RequestCache
(as set by the
ExceptionTranslationFilter
to record the original destination before the
authentication process commenced), a redirect will be performed to the Url of that
original destination. The SavedRequest
object will remain cached and be picked
up when the redirected request is received (See
SavedRequestAwareWrapper).
SavedRequest
is found, it will delegate to the base class.Modifier and Type | Field and Description |
---|---|
protected org.apache.commons.logging.Log |
logger |
Constructor and Description |
---|
SavedRequestAwareAuthenticationSuccessHandler() |
Modifier and Type | Method and Description |
---|---|
void |
onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Authentication authentication)
Calls the parent class
handle() method to forward or redirect to the target
URL, and then calls clearAuthenticationAttributes() to remove any leftover
session data. |
void |
setRequestCache(RequestCache requestCache) |
clearAuthenticationAttributes
determineTargetUrl, determineTargetUrl, getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, handle, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
onAuthenticationSuccess
public SavedRequestAwareAuthenticationSuccessHandler()
public void onAuthenticationSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authentication) throws javax.servlet.ServletException, java.io.IOException
SimpleUrlAuthenticationSuccessHandler
handle()
method to forward or redirect to the target
URL, and then calls clearAuthenticationAttributes()
to remove any leftover
session data.onAuthenticationSuccess
in interface AuthenticationSuccessHandler
onAuthenticationSuccess
in class SimpleUrlAuthenticationSuccessHandler
request
- the request which caused the successful authenticationresponse
- the responseauthentication
- the Authentication object which was created during
the authentication process.javax.servlet.ServletException
java.io.IOException
public void setRequestCache(RequestCache requestCache)