how to extend LoginUrlAuthenticationEntryPoint or how to implement AuthenticationEntryPoint

spring-security
13,190

Figured it out. Just needed to forward to the login page with 'returnto' appended. I found it confusing at first because LoginUrlAuthenticationEntryPoint didn't mean 'this redirects users to the login page' at first glance. This is all I needed:

@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authenticationException) throws IOException, ServletException {
    RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    redirectStrategy.sendRedirect(request, response, "/login?returnto=" + request.getServletPath());
}

this was useful: LoginUrlAuthenticationEntryPoint.java on grepcode.com

Share:
13,190
Josh
Author by

Josh

Updated on June 14, 2022

Comments

  • Josh
    Josh almost 2 years

    I'm trying to do this: Make spring security add the return to url in the query string for the login page , that is: get spring to tell the login page where I came from. I have some SSO integration.. so I'll send the url to them, or they'll append the referer for me, so I know that the user should be logged in and sent to /some/url. That's all dandy. The issue I'm having is in extending LoginUrlAuthenticationEntryPoint (unless you can tell me a good reason to implement AuthenticationEntryPoint instead). I need to only modify requests to the login page, like so:

    RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

// only append returnto to '/login' urls
if(request.getServletPath() == "/login") {
    // indicates we want to return to this page after login
    redirectStrategy.sendRedirect(request, response, "/login?returnto=" + request.getServletPath());
}

    How can I let the rest of the requests do their thing? This is incorrect (what I was just doing):

    RequestDispatcher dispatcher = request.getRequestDispatcher("/login");

// just forward the request
dispatcher.forward(request, response);

    because it puts us in a redirect loop. However it seems to be what spring does in its version of commence. I'm confused. What am I supposed to be doing with commence in my custom extension to LoginUrlAuthenticationEntryPoint?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to use AuthorizationServerSecurityConfigurer?
Integrating Spring Security with SiteMinder
spring security get user id from DB
Spring Boot/ Spring Security, login form, password checking
how to achieve Ldap Authentication using spring security(spring boot)
How to Integrate JCaptcha in Spring Security
How to login a user programmatically using Spring-security?
Step by step login example using spring security 3.0 with hdbc
Why jsessionid is appended to each url?
Connect multiple authentication mechanisms Spring Boot Security