how to extend LoginUrlAuthenticationEntryPoint or how to implement AuthenticationEntryPoint
Figured it out. Just needed to forward to the login page with 'returnto' appended. I found it confusing at first because LoginUrlAuthenticationEntryPoint
didn't mean 'this redirects users to the login page' at first glance. This is all I needed:
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authenticationException) throws IOException, ServletException {
RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
redirectStrategy.sendRedirect(request, response, "/login?returnto=" + request.getServletPath());
}
this was useful: LoginUrlAuthenticationEntryPoint.java on grepcode.com
Josh
Updated on June 14, 2022Comments
-
Josh almost 2 years
I'm trying to do this: Make spring security add the return to url in the query string for the login page , that is: get spring to tell the login page where I came from. I have some SSO integration.. so I'll send the url to them, or they'll append the referer for me, so I know that the user should be logged in and sent to
/some/url
. That's all dandy. The issue I'm having is in extendingLoginUrlAuthenticationEntryPoint
(unless you can tell me a good reason to implementAuthenticationEntryPoint
instead). I need to only modify requests to the login page, like so:RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); // only append returnto to '/login' urls if(request.getServletPath() == "/login") { // indicates we want to return to this page after login redirectStrategy.sendRedirect(request, response, "/login?returnto=" + request.getServletPath()); }
How can I let the rest of the requests do their thing? This is incorrect (what I was just doing):
RequestDispatcher dispatcher = request.getRequestDispatcher("/login"); // just forward the request dispatcher.forward(request, response);
because it puts us in a redirect loop. However it seems to be what spring does in its version of
commence
. I'm confused. What am I supposed to be doing withcommence
in my custom extension toLoginUrlAuthenticationEntryPoint
?