Skip to content

Commit 070bb51

Browse files
yuezkyuezk
committed
Use determineTargetUrl() to retrieve redirect URL
PR gh-16704 Signed-off-by: Kevin Yue <[email protected]>
1 parent 39a8049 commit 070bb51

File tree

1 file changed

+7
-14
lines changed

1 file changed

+7
-14
lines changed

web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java

Lines changed: 7 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/*
2-
* Copyright 2002-2016 the original author or authors.
2+
* Copyright 2002-2025 the original author or authors.
33
*
44
* Licensed under the Apache License, Version 2.0 (the "License");
55
* you may not use this file except in compliance with the License.
@@ -16,15 +16,11 @@
1616

1717
package org.springframework.security.web.authentication;
1818

19-
import java.io.IOException;
20-
21-
import jakarta.servlet.ServletException;
2219
import jakarta.servlet.http.HttpServletRequest;
2320
import jakarta.servlet.http.HttpServletResponse;
2421
import org.apache.commons.logging.Log;
2522
import org.apache.commons.logging.LogFactory;
2623

27-
import org.springframework.security.core.Authentication;
2824
import org.springframework.security.web.access.ExceptionTranslationFilter;
2925
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
3026
import org.springframework.security.web.savedrequest.RequestCache;
@@ -70,24 +66,21 @@ public class SavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuth
7066
private RequestCache requestCache = new HttpSessionRequestCache();
7167

7268
@Override
73-
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
74-
Authentication authentication) throws ServletException, IOException {
69+
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response) {
7570
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
7671
if (savedRequest == null) {
77-
super.onAuthenticationSuccess(request, response, authentication);
78-
return;
72+
return super.determineTargetUrl(request, response);
7973
}
74+
8075
String targetUrlParameter = getTargetUrlParameter();
8176
if (isAlwaysUseDefaultTargetUrl()
8277
|| (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) {
8378
this.requestCache.removeRequest(request, response);
84-
super.onAuthenticationSuccess(request, response, authentication);
85-
return;
79+
return super.determineTargetUrl(request, response);
8680
}
87-
clearAuthenticationAttributes(request);
81+
8882
// Use the DefaultSavedRequest URL
89-
String targetUrl = savedRequest.getRedirectUrl();
90-
getRedirectStrategy().sendRedirect(request, response, targetUrl);
83+
return savedRequest.getRedirectUrl();
9184
}
9285

9386
public void setRequestCache(RequestCache requestCache) {

0 commit comments

Comments
 (0)