Retain Original Target URL with always-use-default-target="true"
Hello,
I have a situation in which I would like to retain the original target URL that the user requested, but my config contains always-use-default-target="true". I am forwarding to a default target to do some post-login processing, however, I would like to then, continue on to the original target.
I've tried inserting some custom filters to capture the original target (similar to Spring's RequestCache.saveRequest) but after successful login, the original session is destroyed and a new session is created because of session-fixation-protection (which I still want).
Here is my current setup:
The default-target-url="/postLogin" is mapping to a controller that is doing some processing and then sends to a view - this is where I'd like to grab the original target from the session and forward to it.Code:<security:http auto-config="true" access-denied-page="/accessDenied" > <security:intercept-url pattern="/secure/**" access="ROLE_USER" requires-channel="https"/> <security:intercept-url pattern="/resources/**" filters="none" /> <security:intercept-url pattern="/login*" filters="none" /> <security:intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN" /> <security:form-login login-page='/login' authentication-failure-url="/login?login_error=1" default-target-url="/postLogin" always-use-default-target="true"/> <security:logout logout-success-url="/home"/> <security:session-management session-fixation-protection="newSession"> <security:concurrency-control max-sessions="1"/> </security:session-management> </security:http>
Is there a better way I can do this or something else I can override to accomplish this?
Any help is much appreciated,
Mark
