That is correct - the saveRequest method is provided in this class so subclasses across the hierarchy don't have to re-implement the logic themselves.
But IIRC, all of JSecurity's filters will redirect to the originally requested page after a successful authentication. This is because they all call the saveRequestAndRedirectToLogin if the user is required to be authenticated but are not yet authenticated. However, I'm not sure how the 'defaultTargetUrl' option is related to saveRequestAndRedirectToLogin. Are you saying you'd like the option to _not_ be redirected back to the originally requested page after successful login? On Mon, Mar 9, 2009 at 12:59 AM, Kalle Korhonen <[email protected]>wrote: > I'd like to automatically redirect user to the originally requested page > after a successful authentication. How is one supposed to use > AccessControlFilter's saveRequest()? Looking at the Javadocs and the source > of AccessControlFilter and its subclasses, it seems like its meant to be > explicitly called by a subclass rather than controlled by setting some > property. Certainly I can make a custom implementation but it would likely > be useful if it was configurable. Compare > http://www.jsecurity.org/api/org/jsecurity/web/filter/AccessControlFilter.htmlto > Acegi's > http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/ui/AbstractProcessingFilter.html. > The latter contains a "defaultTargetUrl" but also automatically saves the > original target location, and the actual url used for redirect depends on > the value of alwaysUseDefaultTargetUrl flag. Just wondering if I missed some > class in Jsec/Ki where similar behavior is already implemented. > > Kalle >
