Class HttpSessionRequestCache

java.lang.Object
org.springframework.security.web.savedrequest.HttpSessionRequestCache
All Implemented Interfaces:
RequestCache

public class HttpSessionRequestCache extends Object implements RequestCache
RequestCache which stores the SavedRequest in the HttpSession. The DefaultSavedRequest class is used as the implementation.
Since:
3.0
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected final org.apache.commons.logging.Log
     
  • Constructor Summary

    Constructors
    Constructor
    Description
     
  • Method Summary

    Modifier and Type
    Method
    Description
    jakarta.servlet.http.HttpServletRequest
    getMatchingRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
    Returns a wrapper around the saved request, if it matches the current request.
    getRequest(jakarta.servlet.http.HttpServletRequest currentRequest, jakarta.servlet.http.HttpServletResponse response)
    Returns the saved request, leaving it cached.
    void
    removeRequest(jakarta.servlet.http.HttpServletRequest currentRequest, jakarta.servlet.http.HttpServletResponse response)
    Removes the cached request.
    void
    saveRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
    Stores the current request, provided the configuration properties allow it.
    void
    setCreateSessionAllowed(boolean createSessionAllowed)
    If true, indicates that it is permitted to store the target URL and exception information in a new HttpSession (the default).
    void
    setMatchingRequestParameterName(String matchingRequestParameterName)
    Specify the name of a query parameter that is added to the URL that specifies the request cache should be checked in getMatchingRequest(HttpServletRequest, HttpServletResponse)
    void
     
    void
    Allows selective use of saved requests for a subset of requests.
    void
    setSessionAttrName(String sessionAttrName)
    If the sessionAttrName property is set, the request is stored in the session using this attribute name.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • logger

      protected final org.apache.commons.logging.Log logger
  • Constructor Details

    • HttpSessionRequestCache

      public HttpSessionRequestCache()
  • Method Details

    • saveRequest

      public void saveRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Stores the current request, provided the configuration properties allow it.
      Specified by:
      saveRequest in interface RequestCache
      Parameters:
      request - the request to be stored
    • getRequest

      public SavedRequest getRequest(jakarta.servlet.http.HttpServletRequest currentRequest, jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: RequestCache
      Returns the saved request, leaving it cached.
      Specified by:
      getRequest in interface RequestCache
      Parameters:
      currentRequest - the current request
      Returns:
      the saved request which was previously cached, or null if there is none.
    • removeRequest

      public void removeRequest(jakarta.servlet.http.HttpServletRequest currentRequest, jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: RequestCache
      Removes the cached request.
      Specified by:
      removeRequest in interface RequestCache
      Parameters:
      currentRequest - the current request, allowing access to the cache.
    • getMatchingRequest

      public jakarta.servlet.http.HttpServletRequest getMatchingRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: RequestCache
      Returns a wrapper around the saved request, if it matches the current request. The saved request should be removed from the cache.
      Specified by:
      getMatchingRequest in interface RequestCache
      Returns:
      the wrapped save request, if it matches the original, or null if there is no cached request or it doesn't match.
    • setRequestMatcher

      public void setRequestMatcher(RequestMatcher requestMatcher)
      Allows selective use of saved requests for a subset of requests. By default any request will be cached by the saveRequest method.

      If set, only matching requests will be cached.

      Parameters:
      requestMatcher - a request matching strategy which defines which requests should be cached.
    • setCreateSessionAllowed

      public void setCreateSessionAllowed(boolean createSessionAllowed)
      If true, indicates that it is permitted to store the target URL and exception information in a new HttpSession (the default). In situations where you do not wish to unnecessarily create HttpSessions - because the user agent will know the failed URL, such as with BASIC or Digest authentication - you may wish to set this property to false.
    • setPortResolver

      public void setPortResolver(PortResolver portResolver)
    • setSessionAttrName

      public void setSessionAttrName(String sessionAttrName)
      If the sessionAttrName property is set, the request is stored in the session using this attribute name. Default is "SPRING_SECURITY_SAVED_REQUEST".
      Parameters:
      sessionAttrName - a new session attribute name.
      Since:
      4.2.1
    • setMatchingRequestParameterName

      public void setMatchingRequestParameterName(String matchingRequestParameterName)
      Specify the name of a query parameter that is added to the URL that specifies the request cache should be checked in getMatchingRequest(HttpServletRequest, HttpServletResponse)
      Parameters:
      matchingRequestParameterName - the parameter name that must be in the request for getMatchingRequest(HttpServletRequest, HttpServletResponse) to check the session.