You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current implementation by any means does not allow to use referer as redirection url despite extending AbstractAuthenticationTargetUrlRequestHandler which allows that and exposes propert setter useReferer(true).
Actual Behavior
Exposed useReferer setter has no effect.
Expected Behavior
Use referrer as redirection location if useReferer(true) is set and proper header is present in the original request.
In general, if isAlwaysUseDefaultTargetUrl - default target will be used even if not specified. If targetUrl parameter is set and present - it will be used. There is no other path to access .superOnAuthenticationSuccess to get referer working having saver request - and this is my goal
The text was updated successfully, but these errors were encountered:
Summary
Current implementation by any means does not allow to use referer as redirection url despite extending
AbstractAuthenticationTargetUrlRequestHandler
which allows that and exposes propert setteruseReferer(true)
.Actual Behavior
Exposed
useReferer
setter has no effect.Expected Behavior
Use referrer as redirection location if
useReferer(true)
is set and proper header is present in the original request.Version
<spring-security.version>5.0.10.RELEASE</spring-security.version>
Sample
This example shows badly written (trial and error yet) workaround implementation
This is done to affect following check inside SavedRequestAwareAuthenticationSuccessHandler
spring-security/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java
Lines 84 to 91 in 05caf3d
In general, if isAlwaysUseDefaultTargetUrl - default target will be used even if not specified. If targetUrl parameter is set and present - it will be used. There is no other path to access .superOnAuthenticationSuccess to get referer working having saver request - and this is my goal
The text was updated successfully, but these errors were encountered: