On Mon, Mar 9, 2009 at 6:00 AM, Les Hazlewood <[email protected]> wrote:
> That is correct - the saveRequest method is provided in this class so > subclasses across the hierarchy don't have to re-implement the logic > themselves. > But IIRC, all of JSecurity's filters will redirect to the originally > requested page after a successful authentication. This is because they all > call the saveRequestAndRedirectToLogin if the user is required to be > authenticated but are not yet authenticated. Ok, this wasn't clear from the docs. > > However, I'm not sure how the 'defaultTargetUrl' option is related to > saveRequestAndRedirectToLogin. Are you saying you'd like the option to > _not_ be redirected back to the originally requested page after successful > login? No. In my case I was always being redirected to default DEFAULT_SUCCESS_URL (i.e."/index.jsp") but that problem may be specific to my Tapestry integration then if you say it should work. Where's saveRequestAndRedirectToLogin called? In FormAuthenticationFilter I only see it being called onAccessDenied when the request is *not* a login request. Kalle > On Mon, Mar 9, 2009 at 12:59 AM, Kalle Korhonen < > [email protected]> wrote: > >> I'd like to automatically redirect user to the originally requested page >> after a successful authentication. How is one supposed to use >> AccessControlFilter's saveRequest()? Looking at the Javadocs and the source >> of AccessControlFilter and its subclasses, it seems like its meant to be >> explicitly called by a subclass rather than controlled by setting some >> property. Certainly I can make a custom implementation but it would likely >> be useful if it was configurable. Compare >> http://www.jsecurity.org/api/org/jsecurity/web/filter/AccessControlFilter.htmlto >> Acegi's >> http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/ui/AbstractProcessingFilter.html. >> The latter contains a "defaultTargetUrl" but also automatically saves the >> original target location, and the actual url used for redirect depends on >> the value of alwaysUseDefaultTargetUrl flag. Just wondering if I missed some >> class in Jsec/Ki where similar behavior is already implemented. >> >> Kalle >> > >
