Spring Security 3 Get Initially Requested URL

I need to modify my spring security login page based on where the user came from. My client wants the styles different between the two. If you come from appcontextroot/test vs appcontextroot/choose. I tried to do the below but the String url=savedRequest.getRedirectUrl(); is equal to the spring login page already and not the initial page requested by the user. Any ideas?

ExternalContext externalContext = FacesUtils.getExternalContext();
    HttpServletRequest request = (HttpServletRequest)externalContext.getRequest();
    HttpSession session = request.getSession(false);
    if(session != null) {
        Save开发者_JAVA技巧dRequest savedRequest = new DefaultSavedRequest(request, new PortResolverImpl());
        String url=savedRequest.getRedirectUrl();
    } 

You need to extract SavedRequest from the session, not to create a new one:

SavedRequest savedRequest = 
    new HttpSessionRequestCache().getRequest(request, response);

SavedRequest savedRequest =
    (SavedRequest)session.getAttribute("SPRING_SECURITY_SAVED_REQUEST");
// ...check for null...
String targetUrl = savedRequest.getRedirectUrl();

Ugly but working, if you don't have the HttpServletResponse available (e.g. in case you use org.springframework.social.connect.web.SignInAdapter).

Tested with Spring Security 3.1.0.RC2.

I didn't make it work with the solution proposed, here's what i found : (Using spring 3.1).

In your fitler class :

CharsetFilter implements Filter {
    @OVerride public void doFilter(ServletRequest request, ServletResponse response, FilterChain next) throws IOException, ServletException {
        HttpServletRequest hsr = (HttpServletRequest) request;
        if (hsr.getUserPrincipal() == null) {
            HttpSession session = hsr.getSession();
            if (!(hsr == null)) {
                logger.info("path : " + hsr.getPathInfo());
                session.setAttribute("beforeLoginUrl", hsr.getPathInfo());
    }
  }
}

Then i your web.xml declare your filter :

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
    <filter-name>charsetFilter</filter-name>
    <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>charsetFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
    <filter-name>CharsetFilter</filter-name>
    <filter-class>com.ent.foo.CharsetFilter</filter-class>
    <init-param>
        <param-name>requestEncoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
</filter>

Then in your redirect url after successful login just get the HttpSession back :

@RequestMapping(value = "successful")
public void showSuccessfulogin (HttpSession session) {
    String redirectUrl = (String) session.getAttribute("beforeLoginUrl");
    if (redirectUrl != null) {
        session.removeAttribute("beforeLoginUrl");
        return "redirect:" + redirectUrl;
    }
    return "redirect:/";
}

Here you got the stuff to make it work, but you'll have to check the

hsr.getPathInfo()

and see if it ends with .css or .js, etc...

Also if the login fail you'll should see if session attribute is already set and see any others special case !

Btw my filter was used before to format all input/output in utf-8.

Hope it'll help any.

For me I used Spring Security 3.0.0 and the following worked :

DefaultSavedRequest savedRequest=(DefaultSavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY"); targetUrl=savedRequest.getRedirectUrl();