Examples of org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

• org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
  An authentication success strategy which can make use of the {@link DefaultSavedRequest} which may have been stored inthe session by the {@link ExceptionTranslationFilter}. When such a request is intercepted and requires authentication, the request data is stored to record the original destination before the authentication process commenced, and to allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for performing the redirect to the original URL if appropriate.

  Following a successful authentication, it decides on the redirect destination, based on the following scenarios:

  • If the {@code alwaysUseDefaultTargetUrl} property is set to true, the {@code defaultTargetUrl}will be used for the destination. Any {@code DefaultSavedRequest} stored in the session will beremoved.
  • If the {@code targetUrlParameter} has been set on the request, the value will be used as the destination.Any {@code DefaultSavedRequest} will again be removed.
  • If a {@link SavedRequest} is found in the {@code RequestCache} (as set by the {@link ExceptionTranslationFilter} torecord the original destination before the authentication process commenced), a redirect will be performed to the Url of that original destination. The {@code SavedRequest} object will remain cached and be picked upwhen the redirected request is received (See {@link org.springframework.security.web.savedrequest.SavedRequestAwareWrapper SavedRequestAwareWrapper}).
  • If no {@code SavedRequest} is found, it will delegate to the base class.

  @author Luke Taylor @since 3.0

  public void init() {
//    System.err.println(" ---------------  MyAuthenticationFilter init--------------- ");
    this.setUsernameParameter(USERNAME);
    this.setPasswordParameter(PASSWORD);
    // 验证成功，跳转的页面
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setDefaultTargetUrl(successUrl);
    this.setAuthenticationSuccessHandler(successHandler);

    // 验证失败，跳转的页面
    SimpleUrlAuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler();
    failureHandler.setDefaultFailureUrl(errorUrl);

        filter.setPostOnly(false);

        filter.setAuthenticationFailureHandler( new SimpleUrlAuthenticationFailureHandler(failureUrl) );

        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setDefaultTargetUrl(targetUrl);
        successHandler.setAlwaysUseDefaultTargetUrl( Boolean.parseBoolean( alwaysUseTargetUrl ) );
        filter.setAuthenticationSuccessHandler( successHandler);
    filter.setFilterProcessesUrl(targetUrl);
        filter.setFilterProcessesUrl( authUrl );
        filter.setRememberMeServices( rememberMeServices );

        filter.setPostOnly(false);

        filter.setAuthenticationFailureHandler( new SimpleUrlAuthenticationFailureHandler(failureUrl) );

        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setDefaultTargetUrl(targetUrl);
        successHandler.setAlwaysUseDefaultTargetUrl( Boolean.parseBoolean( alwaysUseTargetUrl ) );
        filter.setAuthenticationSuccessHandler( successHandler);
    filter.setRequiresAuthenticationRequestMatcher(new RequestMatcher() {

          // copied from AbstractAuthenticationProcessingFilter
      @Override

    @Before
    public void setUp() throws Exception {
        filter = new OpenIDAuthenticationFilter();
        filter.setConsumer(new MockOpenIDConsumer(REDIRECT_URL));
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        filter.setAuthenticationSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler());
        successHandler.setDefaultTargetUrl(DEFAULT_TARGET_URL);
        filter.setAuthenticationManager(new AuthenticationManager() {
            public Authentication authenticate(Authentication a) {
                return a;
            }
        });

     *            authentication despite if a protected page had been previously
     *            visited
     * @return the {@link FormLoginConfigurer} for additional customization
     */
    public final T defaultSuccessUrl(String defaultSuccessUrl, boolean alwaysUse) {
        SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler();
        handler.setDefaultTargetUrl(defaultSuccessUrl);
        handler.setAlwaysUseDefaultTargetUrl(alwaysUse);
        return successHandler(handler);
    }

        // Bootstrap to all requests
        protected Filter authenticationFilter() {

            AbstractAuthenticationProcessingFilter filter =
                    new SecurityContextAuthenticationFilter(SIGNIN_SUCCESS_PATH);
            SavedRequestAwareAuthenticationSuccessHandler successHandler =
                    new SavedRequestAwareAuthenticationSuccessHandler();
            successHandler.setDefaultTargetUrl("/admin");
            filter.setAuthenticationSuccessHandler(successHandler);
            return filter;
        }

     * @see org.springframework.security.saml.SAMLRelayStateSuccessHandler
     * @see org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
     */
    @Deprecated
    public void setDefaultTargetUrl(String url) {
        SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler();
        handler.setDefaultTargetUrl(url);
        setAuthenticationSuccessHandler(handler);
    }

     *            authentication despite if a protected page had been previously
     *            visited
     * @return the {@link FormLoginConfigurer} for additional customization
     */
    public final T defaultSuccessUrl(String defaultSuccessUrl, boolean alwaysUse) {
        SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler();
        handler.setDefaultTargetUrl(defaultSuccessUrl);
        handler.setAlwaysUseDefaultTargetUrl(alwaysUse);
        return successHandler(handler);
    }

  @PostConstruct
  public void init()
  {
    if (defaultAuthenticationSuccessUrl != null && !defaultAuthenticationSuccessUrl.isEmpty())
    {
      SavedRequestAwareAuthenticationSuccessHandler savedRequestAwareAuthenticationSuccessHandler
      = new SavedRequestAwareAuthenticationSuccessHandler();
      savedRequestAwareAuthenticationSuccessHandler.setDefaultTargetUrl(defaultAuthenticationSuccessUrl);
      setAuthenticationSuccessHandler(savedRequestAwareAuthenticationSuccessHandler);
    }
  }

    @Autowired
    public Filter authenticationFilter(AuthenticationManager authenticationManager, RequestCache requestCache) {
        UsernamePasswordAuthenticationFilter authenticationFilter = new UsernamePasswordAuthenticationFilter();
        authenticationFilter.setFilterProcessesUrl(applicationUrl("/j_spring_security_check"));
        authenticationFilter.setAuthenticationManager(authenticationManager);
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setRequestCache(requestCache);
        authenticationFilter.setAuthenticationSuccessHandler(successHandler);
        authenticationFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(applicationUrl("/login?login_error=1")));
        return authenticationFilter;
    }