/** * Gets the {@link RequestCache} to use. If one is defined using * {@link #requestCache(org.springframework.security.web.savedrequest.RequestCache)}, * then it is used. Otherwise, an attempt to find a {@link RequestCache} shared object * is made. If that fails, an {@link HttpSessionRequestCache} is used * * @param http the {@link HttpSecurity} to attempt to fined the shared object * @return the {@link RequestCache} to use */ private RequestCache getRequestCache(H http) { RequestCache result = http.getSharedObject(RequestCache.class); if (result != null) { return result; } return new HttpSessionRequestCache(); } }
/** * Gets the {@link RequestCache} to use. If one is defined using * {@link #requestCache(org.springframework.security.web.savedrequest.RequestCache)}, * then it is used. Otherwise, an attempt to find a {@link RequestCache} shared object * is made. If that fails, an {@link HttpSessionRequestCache} is used * * @param http the {@link HttpSecurity} to attempt to fined the shared object * @return the {@link RequestCache} to use */ private RequestCache getRequestCache(H http) { RequestCache result = http.getSharedObject(RequestCache.class); if (result != null) { return result; } result = getBeanOrNull(RequestCache.class); if (result != null) { return result; } HttpSessionRequestCache defaultCache = new HttpSessionRequestCache(); defaultCache.setRequestMatcher(createDefaultSavedRequestMatcher(http)); return defaultCache; }
HttpSessionRequestCache cache = new HttpSessionRequestCache(); cache.setCreateSessionAllowed(false); ExceptionTranslationFilter filter = new ExceptionTranslationFilter(ep, cache);
@Override protected final void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException { if (logger.isDebugEnabled()) { logger.debug("Authentication success. Updating SecurityContextHolder to contain: " + authResult); } SecurityContextHolder.getContext().setAuthentication(authResult); // Fire event if (this.authenticationEventPublisher != null) { authenticationEventPublisher.publishAuthenticationSuccess(authResult); } // store jwt authentication cookie to secure management restricted operations Cookie jwtAuthenticationCookie = createJWTAuthenticationCookie(authResult); response.addCookie(jwtAuthenticationCookie); // Store the saved HTTP request itself. Used by LoginController (login/callback method) // for redirection after successful authentication SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response); if (savedRequest != null && request.getSession(false) != null) { request.getSession(false).setAttribute(SAVED_REQUEST, savedRequest); } chain.doFilter(request, response); }
public HttpServletRequest getMatchingRequest(HttpServletRequest request, HttpServletResponse response) { SavedRequest saved = getRequest(request, response); if (!matchesSavedRequest(request, saved)) { logger.debug("saved request doesn't match"); return null; } removeRequest(request, response); return new SavedRequestAwareWrapper(saved, request); }
SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response); if(savedRequest != null) { url = savedRequest.getRedirectUrl();
@Test public void doFilterWhenAuthorizationResponseSuccessHasSavedRequestThenRedirectedToSavedRequest() throws Exception { String requestUri = "/saved-request"; MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri); request.setServletPath(requestUri); MockHttpServletResponse response = new MockHttpServletResponse(); RequestCache requestCache = new HttpSessionRequestCache(); requestCache.saveRequest(request, response); requestUri = "/callback/client-1"; request.setRequestURI(requestUri); request.addParameter(OAuth2ParameterNames.CODE, "code"); request.addParameter(OAuth2ParameterNames.STATE, "state"); FilterChain filterChain = mock(FilterChain.class); this.setUpAuthorizationRequest(request, response, this.registration1); this.setUpAuthenticationResult(this.registration1); this.filter.doFilter(request, response, filterChain); assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/saved-request"); }
/** * Gets the {@link RequestCache} to use. If one is defined using * {@link #requestCache(org.springframework.security.web.savedrequest.RequestCache)}, * then it is used. Otherwise, an attempt to find a {@link RequestCache} shared object * is made. If that fails, an {@link HttpSessionRequestCache} is used * * @param http the {@link HttpSecurity} to attempt to fined the shared object * @return the {@link RequestCache} to use */ private RequestCache getRequestCache(H http) { RequestCache result = http.getSharedObject(RequestCache.class); if (result != null) { return result; } result = getBeanOrNull(RequestCache.class); if (result != null) { return result; } HttpSessionRequestCache defaultCache = new HttpSessionRequestCache(); defaultCache.setRequestMatcher(createDefaultSavedRequestMatcher(http)); return defaultCache; }
/** * Gets the http session request cache. * * @return the http session request cache */ @Bean(name = "httpSessionRequestCache") public HttpSessionRequestCache getHttpSessionRequestCache() { HttpSessionRequestCache cache = new HttpSessionRequestCache(); cache.setCreateSessionAllowed(false); return cache; }
/** * Gets the {@link RequestCache} to use. If one is defined using * {@link #requestCache(org.springframework.security.web.savedrequest.RequestCache)}, * then it is used. Otherwise, an attempt to find a {@link RequestCache} shared object * is made. If that fails, an {@link HttpSessionRequestCache} is used * * @param http the {@link HttpSecurity} to attempt to fined the shared object * @return the {@link RequestCache} to use */ private RequestCache getRequestCache(H http) { RequestCache result = http.getSharedObject(RequestCache.class); if (result != null) { return result; } return new HttpSessionRequestCache(); } }
/** * Gets the {@link RequestCache} to use. If one is defined using * {@link #requestCache(org.springframework.security.web.savedrequest.RequestCache)}, * then it is used. Otherwise, an attempt to find a {@link RequestCache} shared object * is made. If that fails, an {@link HttpSessionRequestCache} is used * * @param http the {@link HttpSecurity} to attempt to fined the shared object * @return the {@link RequestCache} to use */ private RequestCache getRequestCache(H http) { RequestCache result = http.getSharedObject(RequestCache.class); if (result != null) { return result; } result = getBeanOrNull(RequestCache.class); if (result != null) { return result; } HttpSessionRequestCache defaultCache = new HttpSessionRequestCache(); defaultCache.setRequestMatcher(createDefaultSavedRequestMatcher(http)); return defaultCache; }
/** * Default constructor */ public AuthenticationRequiredHandlerImpl() { super(); requestCache = new HttpSessionRequestCache(); }
public LoginSuccessHandlerImpl() { super(); requestCache = new HttpSessionRequestCache(); alwaysUseDefaultTargetUrl = false; }
@Bean public RequestCache requestCache() { return new HttpSessionRequestCache(); }
public RequestCacheAwareFilter() { this(new HttpSessionRequestCache()); }
public SavedRequestAwareProcessor() { requestCache = new HttpSessionRequestCache(); }
public ExceptionTranslationFilter(AuthenticationEntryPoint authenticationEntryPoint) { this(authenticationEntryPoint, new HttpSessionRequestCache()); }
@Bean public ProviderSignInController providerSignInController(ConnectionFactoryLocator connectionFactoryLocator, UsersConnectionRepository usersConnectionRepository) { return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, new SimpleSignInAdapter(new HttpSessionRequestCache())); } }
@Controller @RequestMapping(LoginController.ROOT_MAPPING) public class LoginController { @RequestMapping("/login**") public String login(HttpServletRequest request, Model model) { // model.addAttribute("requestedResource", requestedResource); SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response); String url = savedRequest.getRedirectUrl(); // do what you want with url variable and OAuth... return "login"; } }
/** * Gets the {@link RequestCache} to use. If one is defined using * {@link #requestCache(org.springframework.security.web.savedrequest.RequestCache)}, * then it is used. Otherwise, an attempt to find a {@link RequestCache} shared object * is made. If that fails, an {@link HttpSessionRequestCache} is used * * @param http the {@link HttpSecurity} to attempt to fined the shared object * @return the {@link RequestCache} to use */ private RequestCache getRequestCache(H http) { RequestCache result = http.getSharedObject(RequestCache.class); if (result != null) { return result; } return new HttpSessionRequestCache(); } }