Skip to main content

Acegi onSuccessfulAuthentication

Some time back, I raised a jira in Acegi, which was turned down. There was no adequate response from spring team. Here I am writing about it, so other spring users (read gurus) may pitch in.
//Edited to short and precise
protected void successfulAuthentication(HttpServletRequest request,
    HttpServletResponse response, Authentication authResult)
    throws IOException {

    SecurityContextHolder.getContext().setAuthentication(authResult);

    String targetUrl = (String) request.getSession()
                 .getAttribute(ACEGI_SECURITY_TARGET_URL_KEY);
    request.getSession().removeAttribute(ACEGI_SECURITY_TARGET_URL_KEY);

    if (alwaysUseDefaultTargetUrl == true) {
        targetUrl = null;
    }

    if (targetUrl == null) {
        targetUrl = request.getContextPath() + defaultTargetUrl;
    }

    // user call back hook
    onSuccessfulAuthentication(request, response, authResult);
    //...
    response.sendRedirect(response.encodeRedirectURL(targetUrl));
}
The Acegi framework's AbstractProcessingFilter provides a callback method onSuccessfulAuthentication for calling user logic after a successful login - generally used for building user login context specific to application. The landing page is *pre-determined* before this call so NO matter what happens in this method, it is redirected to land on the said page. So,  if there is a data or application error while doing it, it is still going to the same page redirected to. The only way to control the flow is by throwing an exception and handling it either by Acegi Exception Handlers or catching that exception in web.xml

My Request was to be able to use a different flow, and send to a different page. In my case, If there was a user that was in our Transaction DB but not in legacy DB, We just come out throw the user an error splash screen. It dint matter much to me. However If you had a business scenario - go to a different controller, build a session different way and send to a different page - How do you do? Have you had this situation? How would you resolve it?

Popular posts from this blog

Appcache manifest file issues/caveats

Application cache (appcache) is a powerful feature in HTML5. However, it does come with baggage. Many (see links below) advocated ferociously against it due to tricky issues it comes with. For someone who is just testing waters, these issues may throw them off grid. Knowing them before hand helps reduce some unpredictable effects.

Being a Vegetarian

I am a Proud Vegetarian. I don't eat Meat or Eggs. People say its hard here in US to be one. I beg to differ. The mere fact that I am hail and healthy these 4 years is a definitive proof. Apart from being bullied and trash talked by The Meat-Eaters, There is really nothing that makes this choice of mine any more than a debatable issue at a lunch or dinner. Other things aside, I am writing this blog having watched a PETA Video. Before you click on the play button, I ask you - If you are a vegetarian : Dont watch it. If you are not : Dare to watch it till the end. If you think going veg is just a fashion, think again . Even if you just want to do it for Fashion . Do it. Go Vegetarian. And Feel better asking the waiter for a Vegetarian Entrée in your next lunch.

classpath*: making your Modular Spring Resources

Spring gives multiple options to load XML resources for building contexts. the reference documentation does explain this feature quite well. However, I am taking my shot at explaining the different practical scenarios ( by order of growing modularisation) For Example, A simplest Spring based web Context Loader can be configured with resources like this <context-param> <param-name>contextConfigLocation</param-name> <param-value>applicationContext.xml</param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> You just need to put applicationContext.xml in WEB-INF/ folder of your webapp. However, Typically an application is n-tiered. You can also have multiple files setup and in relative paths. like <param-value> context-files/applicationContext.xml context-files/dao.xml context-files/service.xml </param-value>