Spring 3 Security and Relative Redirect URLs
We have a Spring 3 app with Spring Security behind a Squid proxy. The issue is that Spring only knows about the internal Squid URL, so after a successful login at example.com/login, instead of redirecting to example.com/home it redirects to internal.example.com.
Does anyone know how to deal with this situation?
My Config:
<security:http use-expressions="true" auto-config="true">
<security:intercept-url pattern="/" access="hasRole('ROLE_ANONYMOUS') or hasRole('ROLE_GENERAL_ADMINISTRATION')"/>
<security:intercept-url pattern="/**" access="hasRole('ROLE_GENERAL_ADMINISTRATION')"/>
<security:intercept-url pattern="/static/**" filters="none"/>
<security:logout invalidate-session="true" logout-url="/logout" logout-success-url="/"/>
<security:form-login login-page="/" default-target-url="/dashboard"/>
<security:anonymous/>
</security:http>
Edit:
In my case the admins had set up mod_jk incorrectly so everything was fine with squid and the above config.
I have a web application with Spring Security behind an Apache HTTP reverse proxy, and some stupid application which behaves like you described above; the solution for us was to use the mod_rewrite module:
http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html
Anyway, what you are saying is very weird, because the correct Spring Security configuration should use relative URLs, and it should not matter whether an internal or external host is used in the URL.
If you configure the URL
<security:form-login login-page="//login.jsp" login-processing-url="/login" always-use-default-target="true"/>
it should behave the same way with an internal or external URL; it sounds like a problem in the configuration.
I have a similar problem, with an nginx reverse proxy in front of my (currently PHP) apps, but others recommend that the work of fixing URLs is done on the proxy, e.g. http://www.informit.com/articles/article.aspx?p=169534:
Response header remapping. The response headers may contain information that explicitly points to the content web server. One example is the "Location:" header that is used with redirections. The reverse proxy servers remap the "Location:" field, replacing the reference to the content web server with its own address.
Also an answer on a related question: "Redirect to https for few services using spring".
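The "Location:" remapping described in the quoted passage, sketched in Python as an added example (not code from this thread or from any of the proxies mentioned). The hostnames follow the question; the backend port 8080 and all function names are assumptions.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed values: hostnames follow the question, port 8080 is assumed.
INTERNAL = "http://internal.example.com:8080"
PUBLIC = "https://example.com"
DEFAULT_PORTS = {"http": 80, "https": 443}


def _host_port(parts, fallback_scheme):
    """Return (lowercased host, effective port) for a parsed URL."""
    scheme = parts.scheme or fallback_scheme
    return (parts.hostname or "").lower(), parts.port or DEFAULT_PORTS.get(scheme)


def remap_location(location, internal=INTERNAL, public=PUBLIC):
    """Rewrite a Location value that points at the backend to the public origin."""
    backend = urlsplit(internal)
    try:
        loc = urlsplit(location)
        target = _host_port(loc, backend.scheme)
    except ValueError:
        return location  # malformed host or port: pass through untouched
    if not loc.netloc:
        return location  # relative redirect, resolved against the public URL
    # Compare parsed host and port rather than string prefixes, so that
    # internal.example.com.other.test is not mistaken for the backend.
    if target != _host_port(backend, backend.scheme):
        return location
    front = urlsplit(public)
    return urlunsplit((front.scheme, front.netloc, loc.path or "/", loc.query, loc.fragment))


def remap_headers(headers, internal=INTERNAL, public=PUBLIC):
    """Apply the remapping to every Location header in (name, value) pairs."""
    return [
        (name, remap_location(value, internal, public) if name.lower() == "location" else value)
        for name, value in headers
    ]
```

Apache's ProxyPassReverse and nginx's proxy_redirect directives perform this kind of rewrite on the proxy itself.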