Spring security and ajax response on successful login.

[nishashirawala]

Hi,

I have a problem using spring security 2.0.

My home page is using ajax and requesting a servlet on 10 sec everytime.
Now, if my session is invalidated, and i relogin - instead of homepage, response from last ajax request is displayed on the page.

Please help.

Thanks,
Nisha

[Rob Winch]

I'm not exactly sure what your requirements are, so I am making a few assumptions on what you want to do.

One option is to override the ExceptionTranslationFilter.sendStartAuthentication method to only save requests that the user should be sent to on successful authentication (i.e. non ajax requests).

An alternative is to replace the targetUrlResolver implementation on the AuthenticationProcessingFilter with one that extends TargetResolverImpl. The difference is that this one would look to see if the SavedRequest is an ajax request. If it is an ajax request then return null, otherwise the result is the call to the super class. The disadvantage to this approach is you are possibly overriding a non-ajax SavedRequest with an ajax one and then going to the default url rather than the last non-ajax request.

HTH,
Rob Winch

[nishashirawala]

Hi,

Thanks a lot for this information, i will surely try this alternative.

Currently this is solved by setting null for ACEGI_SAVED_REQUEST_KEY from session if it has ajax method. So the error is gone..

- Nisha