ok.
lets say I have a secure url pattern
/secure/link-profile
optionally, there can be url paramaters appended.
/secure/link-profile?firstName=Bob&secondName=Smith&membershipNumber=1234
how can I make it so that those url params are carried over to the login page?
/login?firstName=Bob&secondName=Smith&membershipNumber=1234
the basic premise is that we offer rewards integration with a 3rd party, who will send their users to us. They will be taken to a page to link their 3rd party account/profile with their/our website user. If however, they dont have an existing account with us, then on the login page, they will go to the signup page, and we would then like to prepopulate some of their details that the 3rd party has passed on to us.
thanks in advance
spring security 2.0.7.RELEASE spring framework 3.1.1.RELEASE
The most common ways to implement redirection logic after login are: using HTTP Referer header. saving the original request in the session. appending original URL to the redirected login URL.
See the method buildRedirectUrlToLoginPage(HttpServletRequest request, ...)
in LoginUrlAuthenticationEntryPoint
.
If I understood correctly what you want to achieve, I think it should be enough to override this method in a sublclass, copy the original method, but additionally call urlBuilder.setQuery(request.getQueryString())
when it builds the url.
Then you only need to configure the ExceptionTranslationFilter
with this customized entry point.
as per @zagyi's response I just overrode a method in my existing extension of AuthenticationProcessingFilterEntryPoint
the method to override is protected String determineUrlToUseForThisRequest(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
which is called by buildRedirectUrlToLoginPage(..
@Override protected String determineUrlToUseForThisRequest(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) { String url = super.determineUrlToUseForThisRequest(request, response, exception); return url + "?" + request.getQueryString(); }
obviously that could be improved to also use a builder of sorts, catering for an existing query string on the url, but at this time I know my login url is always /login/
, so this is fine for my purposes
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With