SEC-295: Changed to use getDefaultTargetUrl() accessor internally rather than accessing property directly. Allows for overriding method to supply different Urls.

20 years ago · 2a7caff95f
1 changed files with 20 additions and 11 deletions
--- a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
@ -81,14 +81,15 @@ import javax.servlet.http.HttpServletResponse;
 *  <p>To configure this filter to redirect to specific pages as the result of specific {@link
 * AuthenticationException}s you can do the following. Configure the <code>exceptionMappings</code> property in your
 * application xml. This property is a java.util.Properties object that maps a fully-qualified exception class name to
- * a redirection url target.<br>
+ * a redirection url target.
- * For example:<br>
+ * For example:
- * <code> &lt;property name="exceptionMappings"&gt;<br>
+ * <pre>
- * *  &nbsp;&nbsp;&lt;props&gt;<br>
+ *  &lt;property name="exceptionMappings"&gt;
- * *  &nbsp;&nbsp;&nbsp;&nbsp;&lt;prop&gt; key="org.acegisecurity.BadCredentialsException"&gt;/bad_credentials.jsp&lt;/prop&gt;<br>
+ *    &lt;props&gt;
- * *  &nbsp;&nbsp;&lt;/props&gt;<br>
+ *      &lt;prop&gt; key="org.acegisecurity.BadCredentialsException"&gt;/bad_credentials.jsp&lt;/prop&gt;
- * *  &lt;/property&gt;<br>
+ *    &lt;/props&gt;
- * * </code><br>
+ *  &lt;/property&gt;
 * </pre>
 * The example above would redirect all {@link org.acegisecurity.BadCredentialsException}s thrown, to a page in the
 * web-application called /bad_credentials.jsp.</p>
 *  <p>Any {@link AuthenticationException} thrown that cannot be matched in the <code>exceptionMappings</code> will
@ -122,7 +123,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
    private String authenticationFailureUrl;
    /**
-     * Where to redirect the browser to if authentication is successful but ACEGI_SECURITY_TARGET_URL_KEY is
+     * Where to redirect the browser to if authentication is successful but ACEGI_SAVED_REQUEST_KEY is
     * <code>null</code>
     */
    private String defaultTargetUrl;
@ -134,7 +135,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
    private String filterProcessesUrl = getDefaultFilterProcessesUrl();
    /**
-     * If <code>true</code>, will always redirect to {@link #defaultTargetUrl} upon successful authentication,
+     * If <code>true</code>, will always redirect to the value of {@link #getDefaultTargetUrl} upon successful authentication,
     * irrespective of the page that caused the authentication request (defaults to <code>false</code>).
     */
    private boolean alwaysUseDefaultTargetUrl = false;
@ -231,6 +232,14 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
     */
    public abstract String getDefaultFilterProcessesUrl();
    /**
     * Supplies the default target Url that will be used if no saved request is found or the
     * <tt>alwaysUseDefaultTargetUrl</tt> propert is set to true.
     * Override this method of you want to provide a customized default Url (for example if you want different Urls
     * depending on the authorities of the user who has just logged in).
     *
     * @return the defaultTargetUrl property
     */
    public String getDefaultTargetUrl() {
        return defaultTargetUrl;
    }
@ -377,7 +386,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
        }
        if (targetUrl == null) {
-            targetUrl = request.getContextPath() + defaultTargetUrl;
+            targetUrl = request.getContextPath() + getDefaultTargetUrl();
        }
        if (logger.isDebugEnabled()) {