Thanks Matt.
But in my case, I have a jsp (not login.jsp) which present a login form
to user and I want to redirect the user to a url which is different from
defaultTargetUrl after the user has been authenticated. This is similar
to Amazon login when you checkout, it will continue the checkout
procedure if you are authenticated(This is my case). However, if you do
a normal login to amazon, it shouldn't lead you to checkout, it should
lead you somewhere, maybe the main page(I believe it should be the
defaultTargetUrl of amazon. )
Anyone has any idea? Any input is appreciated. Thanks
Best regards,
Jonathan
Matt Raible wrote:
In the authenticationProcessingFilter, you can set the
defaultTargetUrl. You can also set it's always used:
<bean id="authenticationProcessingFilter"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager"
ref="authenticationManager"/>
<property name="authenticationFailureUrl"
value="/login.jsp?error=true"/>
<property name="defaultTargetUrl" value="/yourdesiredurl"/>
<property name="alwaysUseDefaultTargetUrl" value="true"/>
<property name="filterProcessesUrl" value="/j_security_check"/>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
HTH,
Matt
On 1/29/07, Jonathan Tse <[EMAIL PROTECTED]> wrote:
Hi all,
Does anyone know that how do i specify an explicit redirect url
after acegi have authenticated the user? I understand that if I try to
access a protected resource, acegi will automatically store the url in
the session and redirect to this resource once the user is
authenticated. But in my case i want to specify the url to be redirected
when I present a login page to user (the user is not accessing protected
resource, i just want the user to log on there).
I tried to put
|AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY in ||HttpSession
(in the formBackingObject method of this controller) but this constant
cannot be found.
Any idea?
Best regards,
Jonathan Tse
|
From acegi documentation:
Once the |SecurityContextHolder| has been updated, the browser will need
to be redirected to the target URL. The target URL is usually indicated
by the |HttpSession| attribute specified by
|AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY|. This attribute
is automatically set by the |ExceptionTranslationFilter| when an
|AuthenticationException| occurs, so that after login is completed the
user can return to what they were trying to access. If for some reason
the |HttpSession| does not indicate the target URL, the browser will be
redirected to the |defaultTargetUrl| property.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
