Java 类org.springframework.security.web.savedrequest.HttpSessionRequestCache 实例源码

项目:spring-boot    文件:SpringUtils.java   
/**
 * 坑爹大全 !
 * 在 spring security 中,loginPage("/login") 是个特殊的 url (其他的 url 没有此限制,非 spring security 环境也无此限制)
 * 处理 /login 的 controller ,利用 @RequestParam(value = "error", required = false) 是无法接到任何参数信息的
 * "http://localhost:8888/login?error=错误信息" 的 error 参数无法接到,不光是 error ,所有的参数都接不到
 * spring security 把  "http://localhost:8888/login?error=错误信息"
 * 处理为 "http://localhost:8888/login" ,直接发给 controller ,为啥呢?
 * 当常见的需求是,登陆成功或者不成功,还想返回 /login ,并且传递点参数 /login?error=失败
 * 无法处理
 * 但 spring security 又提供了一个 org.springframework.security.web.savedrequest.SavedRequest ,来还原原始 request,可以利用它来获取参数
 * 这么做为什么?不知道
 * 又浪费了几个小时查找资料
 *
 * @param request  GET 方式发送的 http://localhost:8888/login?error=abc&rr=dce
 * @param response
 * @return
 */
public static Map<String, String> parseSpringSecurityLoginUrlWithExtraParameters(HttpServletRequest request, HttpServletResponse response) {

    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
    if (savedRequest == null)
        return Maps.newHashMap(); // 空 map,避免异常

    Map<String, String[]> map0 = savedRequest.getParameterMap(); //难道参数的值是个多个字符串? 为什么返回 Map<String, String[]>  ?
    Map map = new HashMap<String, String>(map0.size());

    for (Map.Entry<String, String[]> entry : map0.entrySet()) {
        map.put(entry.getKey(), entry.getValue()[0]);
    }

    MyFastJsonUtils.prettyPrint(map);

    return map;
}
项目:motech    文件:SecurityRuleBuilder.java   
private List<Filter> addFilters(MotechURLSecurityRule securityRule) throws ServletException {
    List<Filter> filters = new ArrayList<>();

    SecurityContextRepository contextRepository = new HttpSessionSecurityContextRepository();
    RequestCache requestCache = new HttpSessionRequestCache();

    addSecureChannel(filters, securityRule.getProtocol());
    addSecurityContextPersistenceFilter(filters, contextRepository);
    addLogoutFilter(filters, securityRule);
    addAuthenticationFilters(filters, securityRule);
    addRequestCacheFilter(filters, requestCache);
    addSecurityContextHolderAwareRequestFilter(filters);
    addAnonymousAuthenticationFilter(filters);
    addSessionManagementFilter(filters, contextRepository);
    addExceptionTranslationFilter(filters, requestCache, securityRule.isRest());
    addFilterSecurityInterceptor(filters, securityRule);

    return filters;
}
项目:one-decision    文件:RedirectingAuthenticationSuccessHandler.java   
/**
 * First check for a <code>SavedRequest</code> and if none exists continue
 * as per {@link AbstractAuthenticationTargetUrlRequestHandler}.
 */
protected void handle(HttpServletRequest request,
        HttpServletResponse response, Authentication authentication)
        throws IOException, ServletException {
    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(
            request, response);
    String targetUrl = savedRequest.getRedirectUrl();
    System.out.println("requested url: " + targetUrl);

    if (targetUrl == null) {
        targetUrl = determineTargetUrl(request, response);
    }

    if (response.isCommitted()) {
        logger.debug("Response has already been committed. Unable to redirect to "
                + targetUrl);
        return;
    }

    getRedirectStrategy().sendRedirect(request, response, targetUrl);
}
项目:pms    文件:AuthenticationHandler.java   
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
        HttpServletResponse response, Authentication authentication)
        throws IOException, ServletException {

    String userId = request.getParameter("employeeId");
    if (userId != null) {
        response.sendRedirect(request.getContextPath() + "/emp/myview/"
                + userId);
    } else {
        SavedRequest savedRequest = new HttpSessionRequestCache()
                .getRequest(request, response);
        if (savedRequest != null) {
            response.sendRedirect(savedRequest.getRedirectUrl());
        } else {
            response.sendRedirect(request.getContextPath() + "/");
        }
    }
}
项目:find    文件:SecurityConfiguration.java   
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
    final HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
    requestCache.setRequestMatcher(new AntPathRequestMatcher(FindController.APP_PATH + "/**"));

    http
        .authorizeRequests()
            .antMatchers("/api/public/**").hasRole(FindRole.USER.name())
            .antMatchers("/api/admin/**").hasRole(FindRole.ADMIN.name())
            .antMatchers("/api/config/**").hasRole(FindRole.CONFIG.name())
            .antMatchers("/api/bi/**").hasRole(FindRole.BI.name())
            .and()
        .requestCache()
            .requestCache(requestCache)
            .and()
        .csrf()
            .disable()
        .headers()
            .defaultsDisabled()
            .frameOptions()
            .sameOrigin();
}
项目:glassmaker    文件:OAuth2AuthenticationFilter.java   
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {

    SavedRequest savedRequest = 
            new HttpSessionRequestCache().getRequest(request, response);

    if (savedRequest == null) {
          return;
     }
    HttpSession session = request.getSession();
    session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);


     // Use the DefaultSavedRequest URL
     String targetUrl = savedRequest.getRedirectUrl();
     logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
     response.sendRedirect(targetUrl);
 }
项目:theskeleton    文件:SocialConfig.java   
@Bean
public SignInAdapter signInAdapter(UserDetailsService userDetailsService) {
    RequestCache requestCache = new HttpSessionRequestCache();
    return (userId, connection, request) -> {
        UserDetails userDetails = userDetailsService.loadUserByUsername(userId);
        Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        SavedRequest savedRequest = requestCache.getRequest(request.getNativeRequest(HttpServletRequest.class), request.getNativeResponse(HttpServletResponse.class));
        return savedRequest == null ? null : savedRequest.getRedirectUrl();
    };
}
项目:pivotal-cla    文件:SecurityConfig.java   
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
        AccessDeniedException accessDeniedException) throws IOException, ServletException {
    User currentUser = getUser(SecurityContextHolder.getContext().getAuthentication());

    if (currentUser == null || currentUser.isAdminAccessRequested()) {
        deniedHandler.handle(request, response, accessDeniedException);
        return;
    }

    new HttpSessionRequestCache().saveRequest(request, response);
    entryPoint.commence(request, response,
            new InsufficientAuthenticationException("Additional OAuth Scopes required", accessDeniedException));
}
项目:psi-probe    文件:ProbeSecurityConfig.java   
/**
 * Gets the http session request cache.
 *
 * @return the http session request cache
 */
@Bean(name = "httpSessionRequestCache")
public HttpSessionRequestCache getHttpSessionRequestCache() {
  HttpSessionRequestCache cache = new HttpSessionRequestCache();
  cache.setCreateSessionAllowed(false);
  return cache;
}
项目:find    文件:InMemoryHodSecurity.java   
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
    final AuthenticationSuccessHandler loginSuccessHandler = new LoginSuccessHandler(FindRole.CONFIG.toString(), FindController.CONFIG_PATH, "/p/");
    final HttpSessionRequestCache requestCache = new HttpSessionRequestCache();

    requestCache.setRequestMatcher(new OrRequestMatcher(
            new AntPathRequestMatcher("/p/**"),
            new AntPathRequestMatcher(FindController.CONFIG_PATH)
    ));

    http.regexMatcher("/p/.*|/config/.*|/authenticate|/logout")
        .authorizeRequests()
            .antMatchers("/p/**").hasRole(FindRole.ADMIN.name())
            .antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name())
            .and()
        .requestCache()
            .requestCache(requestCache)
            .and()
        .formLogin()
            .loginPage(FindController.DEFAULT_LOGIN_PAGE)
            .loginProcessingUrl("/authenticate")
            .successHandler(loginSuccessHandler)
            .failureUrl(FindController.DEFAULT_LOGIN_PAGE + "?error=auth")
            .and()
        .logout()
            .logoutSuccessHandler(new HodLogoutSuccessHandler(new HodTokenLogoutSuccessHandler(SsoController.SSO_LOGOUT_PAGE, tokenRepository), FindController.APP_PATH))
            .and()
        .csrf()
            .disable();
}
项目:bees-shop    文件:CustomerView.java   
private String getRedirectUrl(HttpServletRequest request, HttpServletResponse response) {
    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
    if (savedRequest != null) {
        return savedRequest.getRedirectUrl();
    }
    return request.getContextPath() + "/";
}
项目:webapp-base    文件:LoginController.java   
private void addRequestUrlToModel(final HttpServletRequest request,
                                  final HttpServletResponse response,
                                  final Model model) {
    final SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
    String requestUrl = null;
    if (savedRequest != null) {
        requestUrl = savedRequest.getRedirectUrl();
    }
    model.addAttribute("requestUrl", requestUrl);
}
项目:nixmash-blog    文件:SocialConfig.java   
@Bean
public SignInAdapter signInAdapter() {
    return new SocialSignInAdapter(new HttpSessionRequestCache());
}
项目:dawn-marketplace-server    文件:MarketplaceApplication.java   
@Bean
public SignInAdapter signInAdapter() {
    return new SimpleSignInAdapter(new HttpSessionRequestCache());
}
项目:shinyproxy    文件:SocialConfiguration.java   
@Bean
public SignInAdapter signInAdapter() {
    return new SimpleSignInAdapter(new HttpSessionRequestCache());
}
项目:editor-de-servicos    文件:CustomLoginSuccessHandler.java   
public CustomLoginSuccessHandler(String defaultRedirectUrl, String loginUrl) {
    this.defaultRedirectUrl = defaultRedirectUrl;
    this.loginUrl = loginUrl;
    requestCache = new HttpSessionRequestCache();
    super.setRequestCache(requestCache);
}
项目:TechnologyReadinessTool    文件:CasAuthenticationEntryPoint.java   
public CasAuthenticationEntryPoint() {
    wrappedCasAuthEntryPoint = new org.springframework.security.cas.web.CasAuthenticationEntryPoint();
    cache = new HttpSessionRequestCache();
}
项目:lolibox    文件:SocialConfig.java   
@Bean
public ProviderSignInController providerSignInController(ConnectionFactoryLocator connectionFactoryLocator, UsersConnectionRepository usersConnectionRepository) {
    return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, new SimpleSignInAdapter(new HttpSessionRequestCache()));
}
项目:profile    文件:AuthenticationRequiredHandlerImpl.java   
/**
 * Default constructor
 */
public AuthenticationRequiredHandlerImpl() {
    super();
    requestCache = new HttpSessionRequestCache();
}
项目:profile    文件:LoginSuccessHandlerImpl.java   
public LoginSuccessHandlerImpl() {
    super();
    requestCache = new HttpSessionRequestCache();
    alwaysUseDefaultTargetUrl = false;
}
项目:profile    文件:SavedRequestAwareProcessor.java   
public SavedRequestAwareProcessor() {
    requestCache = new HttpSessionRequestCache();
}
项目:LearningAnalyticsProcessor    文件:SecurityConfig.java   
@Bean
public RequestCache requestCache() {
  return new HttpSessionRequestCache();
}