iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

work on custom success handler

This commit is contained in:
eugenp 2013-07-15 22:37:16 +03:00
parent dc2323f12d
commit 6458f2f32a
1 changed files with 21 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
spring-security-mvc-custom/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java
View File

@ -3,7 +3,6 @@ package org.baeldung.security;
import java.io.IOException; import java.io.IOException;
import java.util.Collection; import java.util.Collection;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
@ -12,7 +11,6 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.DefaultRedirectStrategy; import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy; import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.WebAttributes; import org.springframework.security.web.WebAttributes;
@ -27,13 +25,18 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu
super(); super();
} }
/** // API
* Invokes the configured {@code RedirectStrategy} with the URL returned by the {@code determineTargetUrl} method.
* <p> @Override
* The redirect will not be performed if the response has already been committed. public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
*/ handle(request, response, authentication);
protected void handle(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException, ServletException { clearAuthenticationAttributes(request);
final String targetUrl = determineTargetUrl(request, response); }
// IMPL
protected void handle(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
final String targetUrl = determineTargetUrl(authentication);
if (response.isCommitted()) { if (response.isCommitted()) {
logger.debug("Response has already been committed. Unable to redirect to " + targetUrl); logger.debug("Response has already been committed. Unable to redirect to " + targetUrl);
@ -43,13 +46,9 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu
redirectStrategy.sendRedirect(request, response, targetUrl); redirectStrategy.sendRedirect(request, response, targetUrl);
} }
/** protected String determineTargetUrl(final Authentication authentication) {
* Builds the target URL according to the logic defined in the main class Javadoc.
*/
protected String determineTargetUrl(final HttpServletRequest requestRaw, final HttpServletResponse response) {
boolean isUser = false; boolean isUser = false;
boolean isAdmin = false; boolean isAdmin = false;
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
for (final GrantedAuthority grantedAuthority : authorities) { for (final GrantedAuthority grantedAuthority : authorities) {
if (grantedAuthority.getAuthority().equals("ROLE_USER")) { if (grantedAuthority.getAuthority().equals("ROLE_USER")) {
@ -70,27 +69,6 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu
} }
} }
/**
* Allows overriding of the behavior when redirecting to a target URL.
*/
public void setRedirectStrategy(final RedirectStrategy redirectStrategy) {
this.redirectStrategy = redirectStrategy;
}
protected RedirectStrategy getRedirectStrategy() {
return redirectStrategy;
}
/**
* Calls the parent class {@code handle()} method to forward or redirect to the target URL, and
* then calls {@code clearAuthenticationAttributes()} to remove any leftover session data.
*/
@Override
public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException, ServletException {
handle(request, response, authentication);
clearAuthenticationAttributes(request);
}
/** /**
* Removes temporary authentication-related data which may have been stored in the session * Removes temporary authentication-related data which may have been stored in the session
* during the authentication process. * during the authentication process.
@ -105,4 +83,12 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu
session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION); session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
} }
public void setRedirectStrategy(final RedirectStrategy redirectStrategy) {
this.redirectStrategy = redirectStrategy;
}
protected RedirectStrategy getRedirectStrategy() {
return redirectStrategy;
}
} }