Class Overview
An authentication success strategy which can make use of the DefaultSavedRequest
which may have been stored in
the session by the ExceptionTranslationFilter
. When such a request is intercepted and requires authentication,
the request data is stored to record the original destination before the authentication process commenced, and to
allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for
performing the redirect to the original URL if appropriate.
Following a successful authentication, it decides on the redirect destination, based on the following scenarios:
-
If the
alwaysUseDefaultTargetUrl
property is set to true, the defaultTargetUrl
will be used for the destination. Any DefaultSavedRequest
stored in the session will be
removed.
-
If the
targetUrlParameter
has been set on the request, the value will be used as the destination.
Any DefaultSavedRequest
will again be removed.
-
If a
SavedRequest
is found in the RequestCache
(as set by the ExceptionTranslationFilter
to
record the original destination before the authentication process commenced), a redirect will be performed to the
Url of that original destination. The SavedRequest
object will remain cached and be picked up
when the redirected request is received
(See org.springframework.security.web.savedrequest.SavedRequestAwareWrapper SavedRequestAwareWrapper).
-
If no
SavedRequest
is found, it will delegate to the base class.
Summary
Fields |
protected
final
Log |
logger |
|
Public Methods |
void
|
onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
Calls the parent class handle() method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes() to remove any leftover session data.
|
void
|
setRequestCache(RequestCache requestCache)
|
Fields
protected
final
Log
logger
Public Constructors
public
SavedRequestAwareAuthenticationSuccessHandler
()
Public Methods
public
void
onAuthenticationSuccess
(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
Calls the parent class handle()
method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes()
to remove any leftover session data.
Parameters
request
| the request which caused the successful authentication |
response
| the response |
authentication
| the Authentication object which was created during the authentication process.
|