/**
 * Runs after a successful login and decides what to do with the request that
 * was cached before the user was sent to the login page.
 *
 * <p>This method never sends a redirect to the cached URL. In the
 * saved-request branch the URL is only read and logged at debug level; the
 * other two paths delegate to {@code handle(...)}.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login
 * @throws ServletException declared for the delegated handling
 * @throws IOException declared for the delegated handling
 */
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    SavedRequest cached = this.requestCache.getRequest(request, response);
    if (cached == null) {
        // Nothing was cached before login: default handling, then
        // clearAuthenticationAttributes through the superclass.
        handle(request, response, authentication);
        super.clearAuthenticationAttributes(request);
        return;
    }

    String paramName = this.getTargetUrlParameter();
    boolean overrideCached = this.isAlwaysUseDefaultTargetUrl()
            || (paramName != null && StringUtils.hasText(request.getParameter(paramName)));
    if (overrideCached) {
        // The default target, or an explicit target parameter on the request,
        // takes precedence, so the cached request is dropped.
        this.requestCache.removeRequest(request, response);
        handle(request, response, authentication);
        super.clearAuthenticationAttributes(request);
        return;
    }

    this.clearAuthenticationAttributes(request);
    String targetUrl = cached.getRedirectUrl();
    // The message says "Redirecting", but no redirect is issued here.
    this.logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
}
/**
 * Reports the outcome of a successful login as JSON.
 *
 * <p>If the user reached the login page after requesting a restricted page,
 * {@code targetUrl} carries the URL of that page so the front end can use it;
 * otherwise it is {@code null}.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @return the payload wrapped by {@code JsonUtil.getSuccessJsonObject}
 */
@RequestMapping(value = "/login/success", method = RequestMethod.GET)
public @ResponseBody JSONObject loginSuccess(HttpServletRequest request, HttpServletResponse response) {
    SavedRequest pending = requestCache.getRequest(request, response);
    String targetUrl = (pending == null) ? null : pending.getRedirectUrl();

    Map<String, Object> payload = new HashMap<>();
    payload.put("success", true);
    payload.put("targetUrl", targetUrl);

    // NOTE(review): the whole UserDetails object is placed in the response.
    // If this is Spring Security's UserDetails, the interface exposes
    // getPassword(); confirm the JSON serializer cannot emit a credential
    // or hash here.
    UserDetails currentUser = UserDetailsUtil.getCurrentUser();
    payload.put("userDetails", currentUser);

    if (currentUser != null) {
        SessionInfo info = new SessionInfo();
        info.setUsername(currentUser.getUsername());
        // getSession() creates a session when none exists yet.
        request.getSession().setAttribute("sessionInfo", info);
        payload.put("sessionInfo", info);
    }
    return JsonUtil.getSuccessJsonObject(payload);
}
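/**
 * Recovers the query parameters of the request that led to the login page.
 *
 * <p>Author's note (translated): in Spring Security the URL given to
 * {@code loginPage("/login")} is special. A controller mapped to
 * {@code /login} receives no parameters through
 * {@code @RequestParam(value = "error", required = false)}; a request for
 * {@code http://localhost:8888/login?error=...} reaches the controller as
 * {@code http://localhost:8888/login}. The common wish to return to
 * {@code /login} with a parameter such as {@code /login?error=failed} can
 * therefore not be served directly. Spring Security does provide
 * {@code org.springframework.security.web.savedrequest.SavedRequest} to
 * restore the original request, and it is used here to read the parameters.
 *
 * <p>Only the first value of each parameter is kept. A parameter whose value
 * array is {@code null} or empty is left out instead of failing.
 *
 * @param request request sent with GET, for example
 *        {@code http://localhost:8888/login?error=abc&rr=dce}
 * @param response current HTTP response
 * @return parameter name mapped to its first value; an empty map when no
 *         request is cached
 */
public static Map<String, String> parseSpringSecurityLoginUrlWithExtraParameters(HttpServletRequest request,
        HttpServletResponse response) {
    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
    if (savedRequest == null) {
        return Maps.newHashMap(); // empty map so callers need no null check
    }

    // A parameter may occur several times in a query string, which is why
    // each name maps to an array of values.
    Map<String, String[]> rawParameters = savedRequest.getParameterMap();
    Map<String, String> firstValues = new HashMap<String, String>(rawParameters.size());
    for (Map.Entry<String, String[]> entry : rawParameters.entrySet()) {
        String[] values = entry.getValue();
        if (values != null && values.length > 0) {
            firstValues.put(entry.getKey(), values[0]);
        }
    }

    // NOTE(review): this prints every parameter of the cached request. Check
    // where prettyPrint writes, since parameters on a login URL can be
    // sensitive.
    MyFastJsonUtils.prettyPrint(firstValues);
    return firstValues;
}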
/**
 * A request carrying the saved-request cookie yields a SavedRequest whose
 * redirect URL is the decoded cookie value and whose other properties
 * (cookies, headers, locales, parameters) are all empty.
 */
@Test
public void getRequestReturnsSavedIfSavedRequestCookieExistsOnRequest() throws Exception {
    CookieRequestCache cache = createCookieRequestCache();
    MockHttpServletRequest incoming = new MockHttpServletRequest();

    String savedUrl = "https://example.com/some/path/name?query=value&a=b";
    // The cookie value is the Base64 form of the ISO-8859-1 bytes of the URL,
    // produced by a MIME encoder configured with Integer.MAX_VALUE as line length.
    byte[] urlBytes = savedUrl.getBytes(StandardCharsets.ISO_8859_1);
    String cookieValue = Base64.getMimeEncoder(Integer.MAX_VALUE, new byte[]{'\n'}).encodeToString(urlBytes);
    incoming.setCookies(new Cookie(COOKIE_NAME, cookieValue));

    SavedRequest restored = cache.getRequest(incoming, new MockHttpServletResponse());

    assertThat(restored, notNullValue());
    assertThat(restored.getRedirectUrl(), equalTo(savedUrl));
    assertThat(restored.getCookies().size(), equalTo(0));
    assertThat(restored.getMethod(), equalToIgnoringCase("GET"));
    assertThat(restored.getHeaderValues("anything").size(), equalTo(0));
    assertThat(restored.getHeaderNames().size(), equalTo(0));
    assertThat(restored.getLocales().size(), equalTo(0));
    assertThat(restored.getParameterValues("anything").length, equalTo(0));
    assertThat(restored.getParameterMap().size(), equalTo(0));
}
/**
 * Finishes a successful login without sending any redirect.
 *
 * <p>The cached request is removed only when the default target URL is
 * forced or the request carries a non-empty target-URL parameter. On every
 * path {@code clearAuthenticationAttributes} is called last.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    SavedRequest cached = requestCache.getRequest(request, response);
    if (cached != null) {
        String paramName = getTargetUrlParameter();
        boolean ignoreCached = isAlwaysUseDefaultTargetUrl()
                || (paramName != null && StringUtils.hasText(request.getParameter(paramName)));
        if (ignoreCached) {
            requestCache.removeRequest(request, response);
        }
    }
    clearAuthenticationAttributes(request);
}
/**
 * Derives the redirect target from the cached request.
 *
 * <p>When the current request is secure and the cached URL does not start
 * with {@code https:}, the URL is passed through
 * {@code convertToRelativeUrl} so that the redirect cannot downgrade the
 * connection to plain HTTP.
 *
 * @param request current HTTP request
 * @param savedRequest cached request, may be {@code null}
 * @return the target URL, or {@code null} when nothing is cached or the
 *         conversion yields {@code null}
 */
private String getTargetUrlFromSavedRequest(HttpServletRequest request, SavedRequest savedRequest) {
    if (savedRequest == null) {
        return null;
    }

    // The cached redirect URL is absolute.
    String candidate = savedRequest.getRedirectUrl();
    boolean startsWithHttps = candidate.toLowerCase(Locale.ENGLISH).startsWith("https:");
    if (request.isSecure() && !startsWithHttps) {
        candidate = convertToRelativeUrl(request, candidate);
    }

    if (candidate != null) {
        LOGGER.debug("Found target URL in saved request: {}", candidate);
    } else {
        LOGGER.debug(
                "Target URL from saved request could not be converted to a relative URL: {}",
                savedRequest.getRedirectUrl());
    }
    return candidate;
}
/**
 * Completes a successful login by tidying up state only; no redirect is sent
 * on any path.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    SavedRequest pending = requestCache.getRequest(request, response);
    if (pending != null) {
        String targetParameter = getTargetUrlParameter();
        boolean explicitTarget = targetParameter != null
                && StringUtils.hasText(request.getParameter(targetParameter));
        // A forced default target or an explicit target parameter makes the
        // cached request obsolete.
        if (isAlwaysUseDefaultTargetUrl() || explicitTarget) {
            requestCache.removeRequest(request, response);
        }
    }
    clearAuthenticationAttributes(request);
}
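/**
 * First check for a <code>SavedRequest</code> and if none exists continue
 * as per {@link AbstractAuthenticationTargetUrlRequestHandler}.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 * @throws IOException declared for the redirect
 * @throws ServletException declared by the overridden method
 */
protected void handle(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);

    // Without a cached request (for example a direct visit to the login page)
    // the method must fall through to determineTargetUrl instead of failing
    // on a null dereference.
    String targetUrl = (savedRequest != null) ? savedRequest.getRedirectUrl() : null;
    logger.debug("requested url: " + targetUrl);

    if (targetUrl == null) {
        targetUrl = determineTargetUrl(request, response);
    }

    if (response.isCommitted()) {
        logger.debug("Response has already been committed. Unable to redirect to " + targetUrl);
        return;
    }

    getRedirectStrategy().sendRedirect(request, response, targetUrl);
}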
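/**
 * Picks the page shown after a successful login.
 *
 * <p>Order of preference: the employee view named by the
 * {@code employeeId} request parameter, then the URL of the cached request,
 * then the context root.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 * @throws IOException if the redirect cannot be written
 * @throws ServletException declared by the overridden method
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    String userId = request.getParameter("employeeId");
    if (userId != null) {
        // employeeId is supplied by the client. Encoding it keeps it a single
        // path segment, so characters such as '/', '?', '#' or ".." cannot
        // reshape the redirect target. URLEncoder emits '+' for a space,
        // which is only valid in query strings, hence the %20 replacement.
        // NOTE(review): the id comes from the request, not from the
        // authenticated principal; the /emp/myview handler has to check that
        // the signed-in user may see that employee.
        String segment = java.net.URLEncoder.encode(userId, "UTF-8").replace("+", "%20");
        response.sendRedirect(request.getContextPath() + "/emp/myview/" + segment);
        return;
    }

    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
    if (savedRequest != null) {
        response.sendRedirect(savedRequest.getRedirectUrl());
    } else {
        response.sendRedirect(request.getContextPath() + "/");
    }
}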
/**
 * Starts a new session, then redirects to the cached request URL with a
 * token appended, or defers to the superclass when the cached request is
 * absent or overridden.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    createNewSession(request, response);

    SavedRequest cached = requestCache.getRequest(request, response);
    if (cached != null) {
        String paramName = getTargetUrlParameter();
        boolean overrideCached = isAlwaysUseDefaultTargetUrl()
                || (paramName != null && StringUtils.hasText(request.getParameter(paramName)));
        if (!overrideCached) {
            clearAuthenticationAttributes(request);
            String targetUrl = appendToken(cached.getRedirectUrl(), request);
            // NOTE(review): the logged URL already contains whatever
            // appendToken added. If that token is a secret, it ends up in the
            // debug log and in the URL itself - confirm.
            logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
            getRedirectStrategy().sendRedirect(request, response, targetUrl);
            return;
        }
        requestCache.removeRequest(request, response);
    }
    super.onAuthenticationSuccess(request, response, authentication);
}
/**
 * Handles a successful login without redirecting: the cached request is
 * discarded when it is overridden, and {@code clearAuthenticationAttributes}
 * is called on every path.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    SavedRequest stored = requestCache.getRequest(request, response);
    if (stored != null) {
        String urlParameter = getTargetUrlParameter();
        boolean overridden = isAlwaysUseDefaultTargetUrl()
                || (urlParameter != null && StringUtils.hasText(request.getParameter(urlParameter)));
        if (overridden) {
            requestCache.removeRequest(request, response);
        }
    }
    clearAuthenticationAttributes(request);
}
/**
 * Redirects to the URL of the request cached in the HTTP session.
 *
 * <p>When nothing is cached the method returns without writing anything to
 * the response.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 * @throws IOException if the redirect cannot be written
 */
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    SavedRequest cached = new HttpSessionRequestCache().getRequest(request, response);
    if (cached != null) {
        // Drop the AUTHENTICATION_EXCEPTION attribute from the session.
        request.getSession().removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);

        String targetUrl = cached.getRedirectUrl();
        logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
        response.sendRedirect(targetUrl);
    }
    // NOTE(review): with no cached request the response is left untouched;
    // confirm that some other component produces the post-login page.
}
/**
 * With a cached request present, the handler answers with a temporary
 * redirect (302) to the cached URL and commits the response.
 */
@Test
public void testRedirectToSavedRequest() throws Exception {
    MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    RequestContext requestContext = new RequestContext(httpRequest, httpResponse, null);

    // The request cache hands back a saved request pointing at SAVED_REQUEST_URL.
    SavedRequest cached = mock(SavedRequest.class);
    when(cached.getRedirectUrl()).thenReturn(SAVED_REQUEST_URL);
    when(requestCache.getRequest(httpRequest, httpResponse)).thenReturn(cached);

    handler.handle(requestContext, mock(Authentication.class));

    assertEquals(SAVED_REQUEST_URL, httpResponse.getRedirectedUrl());
    assertEquals(HttpServletResponse.SC_MOVED_TEMPORARILY, httpResponse.getStatus());
    assertTrue(httpResponse.isCommitted());
}
/**
 * Handles a successful login without redirecting.
 *
 * <p>The redirect to the cached request URL was disabled by the author
 * (left commented out in the original), so this method only removes the
 * cached request when it is overridden and then calls
 * {@code clearAuthenticationAttributes}.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 */
@Override
public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response,
        final Authentication authentication) throws ServletException, IOException {
    final SavedRequest cached = requestCache.getRequest(request, response);
    if (cached != null) {
        final String paramName = getTargetUrlParameter();
        final boolean overrideCached = isAlwaysUseDefaultTargetUrl()
                || (paramName != null && StringUtils.hasText(request.getParameter(paramName)));
        if (overrideCached) {
            requestCache.removeRequest(request, response);
        }
    }
    clearAuthenticationAttributes(request);
}
/**
 * Redirects to the page the user wanted before signing in.
 *
 * <p>The redirect URL held by the core session wins; otherwise the Spring
 * Security saved request stored in the container session is used, and that
 * attribute is removed. The URL is followed only if {@code isUrlValid}
 * accepts it; in every other case the dashboard page is shown.
 */
protected void redirectToSavedPage() {
    AbstractCoreSession<?> coreSession = AbstractCoreSession.get();

    String target;
    if (!StringUtils.hasText(coreSession.getRedirectUrl())) {
        target = null;
        Object cached = RequestCycleUtils.getCurrentContainerRequest().getSession()
                .getAttribute(MavenArtifactNotifierSession.SPRING_SECURITY_SAVED_REQUEST);
        if (cached instanceof SavedRequest) {
            target = ((SavedRequest) cached).getRedirectUrl();
        }
        // The attribute is consumed whether or not it held a SavedRequest.
        RequestCycleUtils.getCurrentContainerRequest().getSession()
                .removeAttribute(MavenArtifactNotifierSession.SPRING_SECURITY_SAVED_REQUEST);
    } else {
        target = coreSession.getRedirectUrl();
    }

    // The stored URL is followed only after isUrlValid accepts it.
    if (!isUrlValid(target)) {
        redirect(DashboardPage.class);
    } else {
        redirect(target);
    }
}
/**
 * Stores the signed-in user in the session and, when no request was cached
 * before login, redirects according to the user's authorities.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    // Authorities granted to the user; without any, nothing else happens.
    Collection<? extends GrantedAuthority> granted = authentication.getAuthorities();
    if (granted.isEmpty()) {
        return;
    }

    // After successful authentication, load the user record and keep it in the session.
    UserDetails principal = (UserDetails) authentication.getPrincipal();
    MangoUser user = userService.getUserByName(principal.getUsername());
    request.getSession().setAttribute("user", user);

    // A cached request exists when the user was sent here from another page.
    SavedRequest pending = requestCache.getRequest(request, response);
    String url = (pending != null) ? pending.getRedirectUrl() : null;

    // The user opened the login page directly: choose the page by authority.
    if (url == null) {
        // Every iteration overwrites url, so the mapping of the last
        // authority iterated is the one used (and may be null if unmapped).
        for (GrantedAuthority authority : granted) {
            url = authDispatcherMap.get(authority.getAuthority());
        }
        getRedirectStrategy().sendRedirect(request, response, url);
    }

    // NOTE(review): this also runs after the redirect above has been sent;
    // confirm the superclass copes with an already committed response.
    super.onAuthenticationSuccess(request, response, authentication);
}
/**
 * Builds the adapter that signs a user in from a provider connection.
 *
 * <p>The adapter loads the user by id, stores an authenticated token in the
 * security context and returns the URL of the request cached in the session,
 * or {@code null} when there is none.
 *
 * @param userDetailsService used to load the user for the given id
 * @return the sign-in adapter
 */
@Bean
public SignInAdapter signInAdapter(UserDetailsService userDetailsService) {
    RequestCache requestCache = new HttpSessionRequestCache();
    return (userId, connection, request) -> {
        // The token is created with null credentials and the authorities
        // reported by the loaded user.
        UserDetails user = userDetailsService.loadUserByUsername(userId);
        Authentication token =
                new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(token);

        SavedRequest pending = requestCache.getRequest(
                request.getNativeRequest(HttpServletRequest.class),
                request.getNativeResponse(HttpServletResponse.class));
        if (pending == null) {
            return null;
        }
        return pending.getRedirectUrl();
    };
}
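/**
 * Builds the post-login URL: the default target URL, with the originally
 * wanted URL passed along as a query parameter when one is known.
 *
 * <p>The wanted URL is taken, in order, from the target-URL request
 * parameter, the cached request and (if {@code useReferer} is set) the
 * {@code Referer} header. It is also stored in the request attribute
 * {@code "target"}.
 *
 * <p>When no target-URL parameter name is configured the plain default
 * target URL is returned, rather than a URL with a literal {@code null}
 * parameter name.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @return the default target URL, optionally followed by
 *         {@code ?<parameter>=<encoded wanted URL>}
 */
@Override
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response) {
    if (isAlwaysUseDefaultTargetUrl()) {
        return getDefaultTargetUrl();
    }

    String parameterName = getTargetUrlParameter();
    String targetUrl = (parameterName != null) ? request.getParameter(parameterName) : null;

    SavedRequest savedRequest = requestCache.getRequest(request, response);
    if (savedRequest != null && !StringUtils.hasText(targetUrl)) {
        targetUrl = savedRequest.getRedirectUrl();
    }
    if (useReferer && !StringUtils.hasText(targetUrl)) {
        targetUrl = request.getHeader("Referer");
    }
    if (!StringUtils.hasText(targetUrl)) {
        return getDefaultTargetUrl();
    }

    // NOTE(review): the request parameter and the Referer header are
    // client-controlled. Whatever later redirects to this value has to
    // validate it (for example against the application's own origin).
    request.setAttribute("target", targetUrl);
    if (parameterName == null) {
        // No parameter name to carry the value under.
        return getDefaultTargetUrl();
    }
    try {
        return getDefaultTargetUrl() + "?" + parameterName + "="
                + URLEncoder.encode(targetUrl, "UTF-8");
    } catch (java.io.UnsupportedEncodingException ignored) {
        // Every JVM is required to support UTF-8, so this is not expected;
        // fall back to the plain default target URL.
        return getDefaultTargetUrl();
    }
}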
/**
 * Returns the request that Spring Security saved before login, the one that
 * was blocked because the user was not authenticated.
 *
 * @return the complete original URL including {@code http://}, or
 *         {@code null} if the session holds no saved request
 */
public String getSavedRequestUrl() {
    SavedRequest pending = (SavedRequest) httpSession.getAttribute(SAVED_REQUEST);
    if (pending == null) {
        log.debug("No saved request found in session");
        return null;
    }
    return pending.getRedirectUrl();
}
/**
 * Takes the cached request out of the request cache and returns its URL.
 *
 * @param request web request wrapping the servlet request and response
 * @return the URL of the cached request, or {@code null} when nothing is cached
 */
private String extractOriginalUrl(NativeWebRequest request) {
    HttpServletRequest servletRequest = request.getNativeRequest(HttpServletRequest.class);
    HttpServletResponse servletResponse = request.getNativeResponse(HttpServletResponse.class);

    SavedRequest pending = requestCache.getRequest(servletRequest, servletResponse);
    if (pending != null) {
        // Consume the entry so it is used once, then clear the
        // authentication attributes of the existing session (getSession(false)
        // never creates one).
        requestCache.removeRequest(servletRequest, servletResponse);
        removeAutheticationAttributes(servletRequest.getSession(false));
        return pending.getRedirectUrl();
    }
    return null;
}
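/**
 * Restores the saved request from the saved-request cookie.
 *
 * <p>The cookie value is Base64-decoded and read as ISO-8859-1 to obtain the
 * redirect URL. A missing cookie, a cookie without a value or a value that
 * does not decode is treated as "nothing saved".
 *
 * <p>NOTE(review): the cookie is sent by the client, so the decoded URL is
 * untrusted input. Nothing visible here signs or validates it; code that
 * redirects to {@code getRedirectUrl()} should check the URL first (for
 * example that it points back at this application).
 *
 * @param request current HTTP request
 * @param response current HTTP response (not used)
 * @return the saved request, or {@code null} when none can be restored
 */
@Override
public SavedRequest getRequest(HttpServletRequest request, HttpServletResponse response) {
    Cookie[] cookies = request.getCookies();
    if (cookies == null) {
        return null;
    }

    // The array may contain null slots, hence the null check in the filter.
    Optional<Cookie> maybeCookie = Arrays.stream(cookies)
            .filter(cookie -> cookie != null && savedRequestCookieName.equals(cookie.getName()))
            .findFirst();
    if (!maybeCookie.isPresent()) {
        return null;
    }

    String encoded = maybeCookie.get().getValue();
    if (encoded == null) {
        return null;
    }

    final String redirectUrl;
    try {
        redirectUrl = new String(base64Decoder.decode(encoded), StandardCharsets.ISO_8859_1);
    } catch (IllegalArgumentException malformed) {
        // java.util.Base64 decoders reject malformed input with this
        // exception; a tampered or truncated cookie must not turn into a
        // server error.
        return null;
    }
    return new SimpleSavedRequest(redirectUrl);
}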
/**
 * A cookie array that holds no saved-request cookie (here a single
 * {@code null} slot) yields no saved request.
 */
@Test
public void getRequestReturnsNullIfCookiesOnRequestDoNotContainSavedRequestCookie() throws Exception {
    CookieRequestCache cache = createCookieRequestCache();

    MockHttpServletRequest incoming = new MockHttpServletRequest();
    Cookie[] singleNullSlot = new Cookie[1];
    incoming.setCookies(singleNullSlot);

    SavedRequest restored = cache.getRequest(incoming, new MockHttpServletResponse());

    assertThat(restored, nullValue());
}
/**
 * Opens the login screen.
 *
 * <p>The mobile or the regular login view is chosen from the URL the user
 * was heading for: the {@code targetUrl} parameter, else the cached request
 * URL, else the URI of this request.
 *
 * @param request current HTTP request
 * @param targetUrl optional URL to continue to after login
 * @param loginVO login form model
 * @param response current HTTP response
 * @param model view model
 * @return name of the login view
 */
@RequestMapping(value = "/uat/uia/loginUsr.do")
public String loginUsrView(
        HttpServletRequest request,
        @RequestParam(value="targetUrl", required=false) String targetUrl,
        @ModelAttribute LoginVO loginVO,
        HttpServletResponse response,
        ModelMap model) {

    if (ComponentChecker.hasComponent("mberManageService")) {
        model.addAttribute("useMemberManage", "true");
    }

    // Depending on the connecting device, a different first page is used for
    // mobile and for the regular web.
    SavedRequest pending = requestCache.getRequest(request, response);
    String requestUrl;
    if (targetUrl != null) {
        // NOTE(review): targetUrl is a raw request parameter. It is handed to
        // the view and written to the log as is; confirm the view escapes it
        // and that it is validated before anything redirects to it.
        model.addAttribute("targetUrl", targetUrl);
        LOG.debug("targetUrl = " + targetUrl);
        requestUrl = targetUrl;
    } else if (pending != null) {
        requestUrl = pending.getRedirectUrl();
        LOG.debug("savedRequestUrl = " + requestUrl);
    } else {
        requestUrl = request.getRequestURI();
    }

    boolean mobile = requestUrl.startsWith("http://m.aramsoft.co.kr") || requestUrl.contains(".mdo");
    return mobile
            ? "aramframework/mbl/uat/uia/LoginUsr"
            : "aramframework/com/uat/uia/LoginUsr";
}
/**
 * Redirects the user after a successful login.
 *
 * <p>The target comes from {@code determineTargetUrl} or, failing that, from
 * the cached request. A target that {@code isTargetUrlValid} rejects is
 * replaced by the start page. Targets that are not absolute HTTP URLs are
 * rendered absolute and encoded before the redirect is sent.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (not read here)
 */
@Override
protected void handle(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    // Reset an overridden locale so that the user's own locale applies.
    SessionHandler.instance().resetOverriddenCurrentUserLocale(request);

    String destination = determineTargetUrl(request, response);
    SavedRequest cached = requestCache.getRequest(request, response);
    if (destination == null) {
        destination = getTargetUrlFromSavedRequest(request, cached);
    }
    // The cached request is consumed whether or not it supplied the target.
    if (cached != null) {
        requestCache.removeRequest(request, response);
    }

    String moduleClientPart = ClientUrlHelper.prependModuleClientPart(StringUtils.EMPTY);
    boolean acceptable = isTargetUrlValid(request, destination, moduleClientPart);
    if (!acceptable) {
        destination = WebServiceLocator.instance().getStartpageRegistry().getStartpage();
        LOGGER.debug("Using startpage as target URL: {}", destination);
    }

    if (response.isCommitted()) {
        LOGGER.debug("Response has already been committed. Unable to redirect to " + destination);
        return;
    }

    if (!UrlHelper.isAbsoluteHttpUrl(destination)) {
        // A URL that already contains the module client part can be rendered
        // as a static URL.
        boolean renderStatic = destination.startsWith(moduleClientPart);
        String absolute = ControllerHelper.renderAbsoluteUrl(request, null, destination, false,
                renderStatic, false);
        destination = encodeAbsoluteURL(request, absolute);
    }
    getRedirectStrategy().sendRedirect(request, response, destination);
}
/**
 * Reads the URL of the Spring Security saved request from the container
 * session and removes the attribute.
 *
 * @return the redirect URL, or {@code null} when the attribute does not hold
 *         a {@code SavedRequest}
 */
public static String getSpringSecuritySavedRequest() {
    Object cached = RequestCycleUtils.getCurrentContainerRequest().getSession()
            .getAttribute(SPRING_SECURITY_SAVED_REQUEST);
    String redirectUrl = (cached instanceof SavedRequest)
            ? ((SavedRequest) cached).getRedirectUrl()
            : null;

    // The attribute is removed in every case, so the value is used at most once.
    RequestCycleUtils.getCurrentContainerRequest().getSession()
            .removeAttribute(SPRING_SECURITY_SAVED_REQUEST);
    return redirectUrl;
}
/**
 * Looks up the URL of the saved request in the existing session.
 *
 * @param request current HTTP request
 * @return the redirect URL, or {@code null} when there is no session or no
 *         saved request in it
 */
protected String getRedirectUrl(HttpServletRequest request) {
    // getSession(false) never creates a session.
    HttpSession existing = request.getSession(false);
    if (existing == null) {
        return null;
    }
    SavedRequest pending = (SavedRequest) existing.getAttribute(SpringInternals.SAVED_REQUEST);
    return (pending == null) ? null : pending.getRedirectUrl();
}
/**
 * Redirects to the cached request URL unless the default target is forced or
 * the request names its own target, in which case the superclass decides.
 *
 * <p>The override check runs before the cached request is examined, so the
 * cached request is removed in the override case even when there is none.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    SavedRequest cached = requestCache.getRequest(request, response);
    String paramName = getTargetUrlParameter();

    boolean overrideCached = isAlwaysUseDefaultTargetUrl()
            || (paramName != null && StringUtils.hasText(request.getParameter(paramName)));
    if (overrideCached) {
        requestCache.removeRequest(request, response);
    }

    // Superclass handling applies to an override and to a missing cached request.
    if (overrideCached || cached == null) {
        super.onAuthenticationSuccess(request, response, authentication);
        return;
    }

    clearAuthenticationAttributes(request);
    String targetUrl = cached.getRedirectUrl();
    logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
    getRedirectStrategy().sendRedirect(request, response, targetUrl);
}
/**
 * Returns the Spring Security saved request wrapped as an
 * {@code ISavedRequest}.
 *
 * @return the wrapped saved request, or {@code null} when none is stored
 */
@Override
public ISavedRequest getSavedRequest() {
    final SavedRequest stored = SpringSecuritySessionAttributes.getSavedRequest();
    return (stored != null) ? new DelegateSavedRequest(stored) : null;
}
/**
 * Works out where to send the user after login, from the saved request kept
 * in the HTTP session.
 *
 * @return the redirect URL, with the URL fragment from the form re-attached
 *         when present, or {@code null} when no saved request exists
 */
private String getRedirectUrl() {
    HttpSession httpSession = ((ServletWebRequest) RequestCycle.get().getRequest())
            .getContainerRequest().getSession(false);

    String target = null;
    if (httpSession != null) {
        SavedRequest pending = (SavedRequest) httpSession
                .getAttribute("SPRING_SECURITY_SAVED_REQUEST");
        if (pending != null) {
            target = pending.getRedirectUrl();
        }
    }

    // Workaround kept from the author: redirecting to the context root
    // without a trailing slash logged the user out again, for reasons that
    // were found by trial and error and never explained. Appending the slash
    // avoids it.
    String contextRoot = RequestCycle.get().getUrlRenderer().renderFullUrl(Url.parse(""));
    if (contextRoot.equals(target)) {
        target = target + "/";
    }

    // Re-attach the URL fragment of the original URL, if there was one.
    // NOTE(review): form.urlfragment looks like a submitted form value and is
    // appended unencoded - confirm it is constrained to a fragment.
    if (target != null && isNotBlank(form.urlfragment)) {
        target = target + "#" + form.urlfragment;
    }

    return target;
}
/**
 * Chooses the post-login target.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @return the URL of the cached request, or {@code "/"} when nothing is
 *         cached or {@code WebUtils.isAjax} reports the cached request as Ajax
 */
private String getTargetUrl(HttpServletRequest request, HttpServletResponse response) {
    SavedRequest pending = requestCache.getRequest(request, response);
    boolean usable = pending != null && !WebUtils.isAjax(pending);
    if (usable) {
        // Consume the cached request before returning its URL.
        requestCache.removeRequest(request, response);
        return pending.getRedirectUrl();
    }
    return "/";
}
/**
 * Sends the user to the default URL when no request was cached or when the
 * cached URL contains the login URL, then hands over to the superclass.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    SavedRequest pending = requestCache.getRequest(request, response);

    // Returning to the login page after logging in would be pointless.
    boolean useDefault = pending == null || pending.getRedirectUrl().contains(loginUrl);
    if (useDefault) {
        getRedirectStrategy().sendRedirect(request, response, defaultRedirectUrl);
    }

    // NOTE(review): the superclass is invoked even after the redirect above
    // has been sent. Confirm it does not attempt a second redirect (for
    // instance to the cached login URL) on the same response.
    super.onAuthenticationSuccess(request, response, authentication);
}
/**
 * When the cached request points at the login URL, the handler must redirect
 * to the default URL.
 */
@Test
public void deveRedirecionarParaUrlPadrãoSeUrlAnteriorForAutenticar() throws ServletException, IOException {
    // The cached request leads back to the login page.
    SavedRequest cached = mock(SavedRequest.class);
    when(cached.getRedirectUrl()).thenReturn(LOGIN_URL);
    when(requestCache.getRequest(any(), any())).thenReturn(cached);
    successHandler.setRequestCache(requestCache);

    successHandler.onAuthenticationSuccess(request, response, authentication);

    verify(redirectStrategy).sendRedirect(request, response, DEFAULT_REDIRECT_URL);
}
/**
 * When the cached request points somewhere other than the login URL, the
 * handler must redirect to that cached URL.
 */
@Test
public void deveRedirecionarParaUrlAnteriorSeForDiferenteDaUrlDoLogin() throws ServletException, IOException {
    String previousUrl = "/editar/outro";
    SavedRequest cached = mock(SavedRequest.class);
    when(cached.getRedirectUrl()).thenReturn(previousUrl);
    when(requestCache.getRequest(any(), any())).thenReturn(cached);
    successHandler.setRequestCache(requestCache);

    successHandler.onAuthenticationSuccess(request, response, authentication);

    verify(redirectStrategy).sendRedirect(request, response, previousUrl);
}
/**
 * Returns the URL of the cached request, falling back to the context root.
 *
 * <p>The cache is consulted only when a session already exists, and it is
 * called with a {@code null} response.
 *
 * @param request current HTTP request
 * @return the cached redirect URL, or the context path followed by
 *         {@code "/"} when there is no session or no cached request
 */
protected String getSavedRequestRedirectUrl(final HttpServletRequest request) {
    HttpSession existing = request.getSession(false);
    SavedRequest pending = (existing == null) ? null : cache.getRequest(request, null);
    if (pending == null) {
        // Sane default when the data is not there.
        return request.getContextPath() + "/";
    }
    return pending.getRedirectUrl();
}
/**
 * Redirects to the cached request URL after login, or defers to the
 * superclass when the cached request is absent or overridden.
 *
 * <p>The servlet request and response are taken from {@code http} rather
 * than passed in.
 *
 * @param authentication authentication produced by the login
 */
@Override
public void onAuthenticationSuccess(Authentication authentication) throws Exception {
    HttpServletRequest servletRequest = http.getCurrentRequest();
    HttpServletResponse servletResponse = http.getCurrentResponse();

    SavedRequest cached = requestCache.getRequest(servletRequest, servletResponse);
    if (cached != null) {
        String paramName = getTargetUrlParameter();
        boolean overrideCached = isAlwaysUseDefaultTargetUrl()
                || (paramName != null && StringUtils.hasText(servletRequest.getParameter(paramName)));
        if (!overrideCached) {
            clearAuthenticationAttributes();
            // Use the URL of the cached request.
            String targetUrl = cached.getRedirectUrl();
            logger.debug("Redirecting to saved request redirect url: " + targetUrl);
            redirectStrategy.sendRedirect(targetUrl);
            return;
        }
        requestCache.removeRequest(servletRequest, servletResponse);
    }
    super.onAuthenticationSuccess(authentication);
}
/**
 * Publishes the signed-in user to the HTTP session, then redirects to the
 * cached request URL or defers to the superclass.
 *
 * <p>The principal is read from the security context, not from the
 * {@code authentication} argument.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param authentication authentication produced by the login (only passed on
 *        to the superclass)
 */
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException {
    RainbowUser principal =
            (RainbowUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();

    // Session attributes: the user object, its display name and its login id.
    request.getSession().setAttribute(ThreadConstants.RAINBOW_USER, principal);
    request.getSession().setAttribute(ThreadConstants.RAINBOW_USERNAME,
            principal.getSessionData().get("name"));
    request.getSession().setAttribute(ThreadConstants.RAINBOW_LOGINID, principal.getUsername());
    RainbowSession.web2Service(request);

    SavedRequest cached = requestCache.getRequest(request, response);
    if (cached != null) {
        String paramName = getTargetUrlParameter();
        boolean overrideCached = isAlwaysUseDefaultTargetUrl()
                || (paramName != null && StringUtils.hasText(request.getParameter(paramName)));
        if (!overrideCached) {
            clearAuthenticationAttributes(request);
            // Use the URL of the cached request.
            String targetUrl = cached.getRedirectUrl();
            logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
            getRedirectStrategy().sendRedirect(request, response, targetUrl);
            return;
        }
        requestCache.removeRequest(request, response);
    }
    super.onAuthenticationSuccess(request, response, authentication);
}