com.communote.server.web.external.spring.security

Class CommunoteAuthenticationSuccessHandler

java.lang.Object

org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler

com.communote.server.web.external.spring.security.CommunoteAuthenticationSuccessHandler

All Implemented Interfaces:

org.springframework.security.web.authentication.AuthenticationSuccessHandler

public class CommunoteAuthenticationSuccessHandler
extends org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler

Author:

Communote GmbH - http://www.communote.com/

Field Summary

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

logger

Constructor Summary

Constructors

Constructor and Description
CommunoteAuthenticationSuccessHandler()

Method Summary

Modifier and Type	Method and Description
String	addRedirectionTarget(String urlToInclude, boolean strict) Add a URL which can be used as redirection target after successful authentication.
protected String	determineTargetUrl(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Get the targetUrl from the request parameter returned by AbstractAuthenticationTargetUrlRequestHandler.getTargetUrlParameter().
protected void	handle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication)
boolean	removeRedirectionTarget(String url) Remove a URL which was previously added with addRedirectionTarget(String, boolean) or setRedirectionTargets(List)
void	setRedirectionTargets(List<String> urlsToInclude) Set the URLs which can be used as redirection target after successful authentication.
void	setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache) Set a request cache to look for a redirection target if no target URL was provided by a request parameter.

Methods inherited from class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler

clearAuthenticationAttributes, onAuthenticationSuccess

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

getDefaultTargetUrl, getRedirectStrategy, getTargetUrlParameter, isAlwaysUseDefaultTargetUrl, setAlwaysUseDefaultTargetUrl, setDefaultTargetUrl, setRedirectStrategy, setTargetUrlParameter, setUseReferer

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CommunoteAuthenticationSuccessHandler

public CommunoteAuthenticationSuccessHandler()

Method Detail

addRedirectionTarget

public String addRedirectionTarget(String urlToInclude,
                                   boolean strict)

Add a URL which can be used as redirection target after successful authentication. The URL should be relative and start after the client. It will be checked against the redirection target which is taken from the request parameter returned by AbstractAuthenticationTargetUrlRequestHandler.getTargetUrlParameter() or a cashed request. The found redirection target will only be used if it starts with one of the URLs added via this or the setRedirectionTargets(List) method.

Parameters:

urlToInclude - the URL to include

strict - true to take the URL as is, if false the URL will be trimmed and a "/" will be prepended if missing

Returns:

the added URL or null if the URL was null or absolute

determineTargetUrl

protected String determineTargetUrl(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response)

Get the targetUrl from the request parameter returned by AbstractAuthenticationTargetUrlRequestHandler.getTargetUrlParameter(). The referer or the default URL are not considered.

Note: this method does not encode the client ID into the URL

Overrides:

determineTargetUrl in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

Parameters:

request - the current request

response - the current response

Returns:

the URL or null if no URL was set in the parameter

handle

protected void handle(javax.servlet.http.HttpServletRequest request,
                      javax.servlet.http.HttpServletResponse response,
                      org.springframework.security.core.Authentication authentication)
               throws IOException,
                      javax.servlet.ServletException

Overrides:

handle in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler

Throws:

IOException

javax.servlet.ServletException

removeRedirectionTarget

public boolean removeRedirectionTarget(String url)

Remove a URL which was previously added with addRedirectionTarget(String, boolean) or setRedirectionTargets(List)

Parameters:

url - the URL to remove

Returns:

true if the URL was removed

setRedirectionTargets

public void setRedirectionTargets(List<String> urlsToInclude)

Set the URLs which can be used as redirection target after successful authentication. The URLs should be relative and start after the client. They will be checked against the redirection target which is taken from the request parameter returned by AbstractAuthenticationTargetUrlRequestHandler.getTargetUrlParameter() or a cashed request. The found redirection target will only be used if it starts with one of the URLs added via this or the addRedirectionTarget(String, boolean) method.

Parameters:

urlsToInclude - the URLs to include

setRequestCache

public void setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)

Set a request cache to look for a redirection target if no target URL was provided by a request parameter. By default a HttpSessionRequestCache will be used.

Parameters:

requestCache - the cache to use