diff --git a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java index 76cccbb1e8..b48e71aaa5 100644 --- a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java +++ b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java @@ -81,14 +81,15 @@ import javax.servlet.http.HttpServletResponse; *

To configure this filter to redirect to specific pages as the result of specific {@link * AuthenticationException}s you can do the following. Configure the exceptionMappings property in your * application xml. This property is a java.util.Properties object that maps a fully-qualified exception class name to - * a redirection url target.
- * For example:
- * <property name="exceptionMappings">
- * *   <props>
- * *     <prop> key="org.acegisecurity.BadCredentialsException">/bad_credentials.jsp</prop>
- * *   </props>
- * * </property>
- * *
+ * a redirection url target. + * For example: + * 

+ *  <property name="exceptionMappings">
+ *    <props>
+ *      <prop> key="org.acegisecurity.BadCredentialsException">/bad_credentials.jsp</prop>
+ *    </props>
+ *  </property>
+ *
* The example above would redirect all {@link org.acegisecurity.BadCredentialsException}s thrown, to a page in the * web-application called /bad_credentials.jsp.

*

Any {@link AuthenticationException} thrown that cannot be matched in the exceptionMappings will @@ -122,7 +123,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe private String authenticationFailureUrl; /** - * Where to redirect the browser to if authentication is successful but ACEGI_SECURITY_TARGET_URL_KEY is + * Where to redirect the browser to if authentication is successful but ACEGI_SAVED_REQUEST_KEY is * null */ private String defaultTargetUrl; @@ -134,7 +135,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe private String filterProcessesUrl = getDefaultFilterProcessesUrl(); /** - * If true, will always redirect to {@link #defaultTargetUrl} upon successful authentication, + * If true, will always redirect to the value of {@link #getDefaultTargetUrl} upon successful authentication, * irrespective of the page that caused the authentication request (defaults to false). */ private boolean alwaysUseDefaultTargetUrl = false; @@ -231,6 +232,14 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe */ public abstract String getDefaultFilterProcessesUrl(); + /** + * Supplies the default target Url that will be used if no saved request is found or the + * alwaysUseDefaultTargetUrl propert is set to true. + * Override this method of you want to provide a customized default Url (for example if you want different Urls + * depending on the authorities of the user who has just logged in). + * + * @return the defaultTargetUrl property + */ public String getDefaultTargetUrl() { return defaultTargetUrl; } @@ -377,7 +386,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe } if (targetUrl == null) { - targetUrl = request.getContextPath() + defaultTargetUrl; + targetUrl = request.getContextPath() + getDefaultTargetUrl(); } if (logger.isDebugEnabled()) {