Class LoginUrlAuthenticationEntryPoint
- All Implemented Interfaces:
- org.springframework.beans.factory.InitializingBean,- AuthenticationEntryPoint
ExceptionTranslationFilter to commence a form login authentication
 via the UsernamePasswordAuthenticationFilter.
 
 Holds the location of the login form in the loginFormUrl property, and uses
 that to build a redirect URL to the login page. Alternatively, an absolute URL can be
 set in this property and that will be used exclusively.
 
 When using a relative URL, you can set the forceHttps property to true, to
 force the protocol used for the login form to be HTTPS, even if the original
 intercepted request for a resource used the HTTP protocol. When this happens,
 after a successful login (via HTTPS), the original resource will still be accessed as
 HTTP, via the original request URL. For the forced HTTPS feature to work, the
 PortMapper is consulted to determine the HTTP:HTTPS pairs. The value of
 forceHttps will have no effect if an absolute URL is used.
- Since:
- 3.0
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionvoidprotected StringbuildHttpsRedirectUrlForRequest(jakarta.servlet.http.HttpServletRequest request) Builds a URL to redirect the supplied request to HTTPS.protected StringbuildRedirectUrlToLoginPage(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AuthenticationException authException) voidcommence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AuthenticationException authException) Performs the redirect (or forward) to the login form URL.protected StringdetermineUrlToUseForThisRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AuthenticationException exception) Allows subclasses to modify the login form URL that should be applicable for a given request.protected PortMapperprotected PortResolverDeprecated, for removal: This API element is subject to removal in a future version.protected booleanprotected booleanvoidsetFavorRelativeUris(boolean favorRelativeUris) Favor using relative URIs when formulating a redirect.voidsetForceHttps(boolean forceHttps) Set to true to force login form access to be via https.voidsetPortMapper(PortMapper portMapper) voidsetPortResolver(PortResolver portResolver) Deprecated, for removal: This API element is subject to removal in a future version.voidsetUseForward(boolean useForward) Tells if we are to do a forward to theloginFormUrlusing theRequestDispatcher, instead of a 302 redirect.
- 
Constructor Details- 
LoginUrlAuthenticationEntryPoint- Parameters:
- loginFormUrl- URL where the login page can be found. Should either be relative to the web-app context path (include a leading- /) or an absolute URL.
 
 
- 
- 
Method Details- 
afterPropertiesSetpublic void afterPropertiesSet()- Specified by:
- afterPropertiesSetin interface- org.springframework.beans.factory.InitializingBean
 
- 
determineUrlToUseForThisRequestprotected String determineUrlToUseForThisRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AuthenticationException exception) Allows subclasses to modify the login form URL that should be applicable for a given request.- Parameters:
- request- the request
- response- the response
- exception- the exception
- Returns:
- the URL (cannot be null or empty; defaults to getLoginFormUrl())
 
- 
commencepublic void commence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AuthenticationException authException) throws IOException, jakarta.servlet.ServletException Performs the redirect (or forward) to the login form URL.- Specified by:
- commencein interface- AuthenticationEntryPoint
- Parameters:
- request- that resulted in an- AuthenticationException
- response- so that the user agent can begin authentication
- authException- that caused the invocation
- Throws:
- IOException
- jakarta.servlet.ServletException
 
- 
buildRedirectUrlToLoginPageprotected String buildRedirectUrlToLoginPage(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AuthenticationException authException) 
- 
buildHttpsRedirectUrlForRequestprotected String buildHttpsRedirectUrlForRequest(jakarta.servlet.http.HttpServletRequest request) throws IOException, jakarta.servlet.ServletException Builds a URL to redirect the supplied request to HTTPS. Used to redirect the current request to HTTPS, before doing a forward to the login page.- Throws:
- IOException
- jakarta.servlet.ServletException
 
- 
setForceHttpspublic void setForceHttps(boolean forceHttps) Set to true to force login form access to be via https. If this value is true (the default is false), and the incoming request for the protected resource which triggered the interceptor was not alreadyhttps, then the client will first be redirected to an https URL, even if serverSideRedirect is set to true.
- 
isForceHttpsprotected boolean isForceHttps()
- 
getLoginFormUrl
- 
setPortMapper
- 
getPortMapper
- 
setPortResolverDeprecated, for removal: This API element is subject to removal in a future version.
- 
getPortResolverDeprecated, for removal: This API element is subject to removal in a future version.
- 
setUseForwardpublic void setUseForward(boolean useForward) Tells if we are to do a forward to theloginFormUrlusing theRequestDispatcher, instead of a 302 redirect.- Parameters:
- useForward- true if a forward to the login page should be used. Must be false (the default) if- loginFormUrlis set to an absolute value.
 
- 
isUseForwardprotected boolean isUseForward()
- 
setFavorRelativeUrispublic void setFavorRelativeUris(boolean favorRelativeUris) Favor using relative URIs when formulating a redirect.Note that a relative redirect is not always possible. For example, when redirecting from httptohttps, the URL needs to be absolute.- Parameters:
- favorRelativeUris- whether to favor relative URIs or not
- Since:
- 6.5
 
 
-