Examples of org.springframework.security.web.savedrequest.SavedRequest

• org.springframework.security.web.savedrequest.SavedRequest
  Encapsulates the functionality required of a cached request for both an authentication mechanism (typically form-based login) to redirect to the original URL and for a RequestCache to build a wrapped request, reproducing the original request data. @author Luke Taylor @since 3.0

    private RequestCache requestCache = new HttpSessionRequestCache();

    @Override
    public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws ServletException, IOException {
        final SavedRequest savedRequest = requestCache.getRequest(request, response);

        if (savedRequest == null) {
            super.onAuthenticationSuccess(request, response, authentication);

            return;

    private RequestCache requestCache = new HttpSessionRequestCache();

    @Override
    public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws ServletException, IOException {
        final SavedRequest savedRequest = requestCache.getRequest(request, response);

        if (savedRequest == null) {
            clearAuthenticationAttributes(request);
            return;
        }

        Authentication auth = getSession().getAuthentication();
        if(auth == null || !auth.isAuthenticated() || auth instanceof AnonymousAuthenticationToken) {
            // emulate what spring security url control would do so that we get a proper redirect after login
            HttpServletRequest httpRequest = ((WebRequest) getRequest()).getHttpServletRequest();
            //ExceptionTranslationFilter translator = (ExceptionTranslationFilter) getGeoServerApplication().getBean("consoleExceptionTranslationFilter");
            SavedRequest savedRequest = new DefaultSavedRequest(httpRequest, new PortResolverImpl());

            HttpSession session = httpRequest.getSession();
            // TODO, Justin, WebAttributes.SAVED_REQUEST has disappeared in spring security framework
            session.setAttribute(SAVED_REQUEST, savedRequest);

    public void testSecuredPageGivesRedirectWhenLoggedOut() {
        logout();
        tester.startPage(LayerPage.class);
        tester.assertRenderedPage(GeoServerLoginPage.class);
        // make sure the spring security emulation is properly setup
        SavedRequest sr = (SavedRequest) tester.getServletSession().getAttribute(GeoServerSecuredPage.SAVED_REQUEST);
        assertNotNull(sr);
        assertTrue(sr.getRedirectUrl().endsWith("?wicket:bookmarkablePage=:org.geoserver.web.data.layer.LayerPage"));

    }

    logger.info("User '{}' logged in", user);

    // Try to redirect the user to the initial url
    HttpSession session = request.getSession(false);
    if (session != null) {
      SavedRequest savedRequest = (SavedRequest) session.getAttribute(SAVED_REQUEST);
      if (savedRequest != null) {
        response.sendRedirect(addTimeStamp(savedRequest.getRedirectUrl()));
        return;
      }
    }

    // If the user was intending to edit a page, let him do just that

    }

    // check the SavedRequest's headers
    HttpSession httpSession = request.getSession(false);
    if (httpSession != null) {
      SavedRequest savedRequest = (SavedRequest)httpSession.getAttribute(SAVED_REQUEST);
      if (savedRequest != null) {
        return !savedRequest.getHeaderValues(ajaxHeaderName).isEmpty();
      }
    }

    return false;
  }