Get initial requested url in spring security 4

Question

Recently I have upgrade my all project API's like Spring, Spring Security, Hibernate, Maven, Java. Before upgrade I was using Spring 3 and Spring Security 2. Now I am using Spring 4 and Spring Security 4 in my project and I have also used cas authentication for login. When user logged in my application, based on the initial requested URL I want to set target URL of user. Before upgrade it was working fine.

I was using this SPRING_SECURITY_SAVED_REQUEST_KEY to get initial request URL.

Now I am using -

savedRequest = new HttpSessionRequestCache().getRequest(request, response);

to get initial request but it always return null.

Is there any way to get initial request of user after login?

Answer 1

Here is how I used the SavedRequestAwareAuthenticationSuccessHandler.

In my case I had an authorization server at localhost:8081 and the secured UI at localhost:8083/app.

In the Authorization server I created the following class:

@Component
public class AuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {   

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws IOException, ServletException {
        setDefaultTargetUrl("http://localhost:8083/app");
        super.onAuthenticationSuccess(request, response, authentication);
    }
}

In my case there were 3 scenarios of user logging in:

1. User navigates to http://localhost:8081/login
2. User navigates to http://localhost:8083/app
3. User navigates to any secured url within the app like http://localhost:8083/app/files

The class above covers every one of these scenarios by redirecting the user to the original url or if the user choose to login via http://localhost:8081/login, it redirects them to the default target url which is http://localhost:8083/app.

Answer 2

you can use SavedRequestAwareAuthenticationSuccessHandler