Spring Redirect after login
I am using Spring's SavedRequestAwareAuthenticationSuccessHandler
configured like this
<bean id="successRedirectHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="samlAuthenticationProvider" />
</security:authentication-manager>
<bean id="samlWebSSOProcessingFilter" class="org.springframework.security.saml.SAMLProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="successRedirectHandler" />
<property name="authenticationFailureHandler" ref="failureRedirectHandler" />
</bean>
and it is not working as I expected (after authentication -> redirect to website that was called first - the url being for example localhost:8443/myWebApp/getDetail?id=123
).
When I access an url that must be authenticated it only redirects me to my login (google SAML if that makes a difference) and after authentication it calls onAuthenticationSuccess
method which should then redirect me to first called url localhost:8443/myWebApp/getDetail?id=123
I looked at and debugged the SavedRequestAwareAuthenticationSuccessHandler
and it contains RequestCache requestCache = new HttpSessionRequestCache()
which should contain my request but it does not contain the request that could redirect me to correct webpage.
SavedRequestAwareAuthenticationSuccessHandler contains this part of code
requestCache.getRequest(request, response)
which calls
currentRequest.getSession(false)
and it ends up returning NULL
What I've tried so far
1) Changing to SimpleUrlAuthenticationSuccessHandler
with useReferer
set to true (keeps redirecting forever)
2) this tutorial (https://www.baeldung.com/spring_redirect_after_login) -- can't use, since I do not have login form, I authenticate with google SAML
java spring spring-security saml-2.0
add a comment |
I am using Spring's SavedRequestAwareAuthenticationSuccessHandler
configured like this
<bean id="successRedirectHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="samlAuthenticationProvider" />
</security:authentication-manager>
<bean id="samlWebSSOProcessingFilter" class="org.springframework.security.saml.SAMLProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="successRedirectHandler" />
<property name="authenticationFailureHandler" ref="failureRedirectHandler" />
</bean>
and it is not working as I expected (after authentication -> redirect to website that was called first - the url being for example localhost:8443/myWebApp/getDetail?id=123
).
When I access an url that must be authenticated it only redirects me to my login (google SAML if that makes a difference) and after authentication it calls onAuthenticationSuccess
method which should then redirect me to first called url localhost:8443/myWebApp/getDetail?id=123
I looked at and debugged the SavedRequestAwareAuthenticationSuccessHandler
and it contains RequestCache requestCache = new HttpSessionRequestCache()
which should contain my request but it does not contain the request that could redirect me to correct webpage.
SavedRequestAwareAuthenticationSuccessHandler contains this part of code
requestCache.getRequest(request, response)
which calls
currentRequest.getSession(false)
and it ends up returning NULL
What I've tried so far
1) Changing to SimpleUrlAuthenticationSuccessHandler
with useReferer
set to true (keeps redirecting forever)
2) this tutorial (https://www.baeldung.com/spring_redirect_after_login) -- can't use, since I do not have login form, I authenticate with google SAML
java spring spring-security saml-2.0
add a comment |
I am using Spring's SavedRequestAwareAuthenticationSuccessHandler
configured like this
<bean id="successRedirectHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="samlAuthenticationProvider" />
</security:authentication-manager>
<bean id="samlWebSSOProcessingFilter" class="org.springframework.security.saml.SAMLProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="successRedirectHandler" />
<property name="authenticationFailureHandler" ref="failureRedirectHandler" />
</bean>
and it is not working as I expected (after authentication -> redirect to website that was called first - the url being for example localhost:8443/myWebApp/getDetail?id=123
).
When I access an url that must be authenticated it only redirects me to my login (google SAML if that makes a difference) and after authentication it calls onAuthenticationSuccess
method which should then redirect me to first called url localhost:8443/myWebApp/getDetail?id=123
I looked at and debugged the SavedRequestAwareAuthenticationSuccessHandler
and it contains RequestCache requestCache = new HttpSessionRequestCache()
which should contain my request but it does not contain the request that could redirect me to correct webpage.
SavedRequestAwareAuthenticationSuccessHandler contains this part of code
requestCache.getRequest(request, response)
which calls
currentRequest.getSession(false)
and it ends up returning NULL
What I've tried so far
1) Changing to SimpleUrlAuthenticationSuccessHandler
with useReferer
set to true (keeps redirecting forever)
2) this tutorial (https://www.baeldung.com/spring_redirect_after_login) -- can't use, since I do not have login form, I authenticate with google SAML
java spring spring-security saml-2.0
I am using Spring's SavedRequestAwareAuthenticationSuccessHandler
configured like this
<bean id="successRedirectHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="samlAuthenticationProvider" />
</security:authentication-manager>
<bean id="samlWebSSOProcessingFilter" class="org.springframework.security.saml.SAMLProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="successRedirectHandler" />
<property name="authenticationFailureHandler" ref="failureRedirectHandler" />
</bean>
and it is not working as I expected (after authentication -> redirect to website that was called first - the url being for example localhost:8443/myWebApp/getDetail?id=123
).
When I access an url that must be authenticated it only redirects me to my login (google SAML if that makes a difference) and after authentication it calls onAuthenticationSuccess
method which should then redirect me to first called url localhost:8443/myWebApp/getDetail?id=123
I looked at and debugged the SavedRequestAwareAuthenticationSuccessHandler
and it contains RequestCache requestCache = new HttpSessionRequestCache()
which should contain my request but it does not contain the request that could redirect me to correct webpage.
SavedRequestAwareAuthenticationSuccessHandler contains this part of code
requestCache.getRequest(request, response)
which calls
currentRequest.getSession(false)
and it ends up returning NULL
What I've tried so far
1) Changing to SimpleUrlAuthenticationSuccessHandler
with useReferer
set to true (keeps redirecting forever)
2) this tutorial (https://www.baeldung.com/spring_redirect_after_login) -- can't use, since I do not have login form, I authenticate with google SAML
java spring spring-security saml-2.0
java spring spring-security saml-2.0
edited Nov 12 '18 at 13:55
hoci kto
asked Nov 12 '18 at 11:00
hoci ktohoci kto
102111
102111
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53260727%2fspring-redirect-after-login%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53260727%2fspring-redirect-after-login%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown