always-use-default-target and always-use-default-target="false" works fine if the user logins with username and password
Both attributes seems to be ignored when using spring-social
When the user logins using Facebook or Twitter:
- If the user went to the login page because he/she clicked the "login" button, he/she is redirected to "/" after a successful login. I expected he/she to be redirected to default-target-url
- If the user was redirected to the login page because he/she tried to access a protected url, he/she is also redirected to "/" after a successful login. I expected he/she to be redirected to original protected url he/she requested.
I am using
spring 3.1.3.RELEASE
spring security 3.1.3.RELEASE
spring social 1.0.2.RELEASE
This is my spring-security.xml
This is my spring-social config class
Both attributes seems to be ignored when using spring-social
When the user logins using Facebook or Twitter:
- If the user went to the login page because he/she clicked the "login" button, he/she is redirected to "/" after a successful login. I expected he/she to be redirected to default-target-url
- If the user was redirected to the login page because he/she tried to access a protected url, he/she is also redirected to "/" after a successful login. I expected he/she to be redirected to original protected url he/she requested.
I am using
spring 3.1.3.RELEASE
spring security 3.1.3.RELEASE
spring social 1.0.2.RELEASE
This is my spring-security.xml
Code:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http use-expressions="true" access-denied-page="/ingresar/?acceso_denegado=true">
<intercept-url pattern="/" access="permitAll" />
<intercept-url pattern="/signin/**" access="permitAll" />
<intercept-url pattern="/url1/**" access="permitAll" />
<intercept-url pattern="/url2/**" access="hasAnyRole('ROLE_XXX')"/>
...
<intercept-url pattern="/**" access="denyAll" />
<form-login login-page="/url3/" default-target-url="/url4" always-use-default-target="false"
authentication-failure-url="/url5" login-processing-url="/url6"/>
<logout logout-url="/logout"/>
</http>
<beans:bean id="myUserService" class="my.kalos.service.MyUserServiceImpl"/>
<beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref='myUserService'>
<password-encoder ref="encoder"/>
</authentication-provider>
</authentication-manager>
</beans:beans>Code:
@Configuration
public class MyAppSocialConfig {
@Inject
MyAppConnectionSignUp myAppConnectionSignUp;
@Inject
private DataSource dataSource;
@Bean
public ConnectionFactoryLocator connectionFactoryLocator() {
ConnectionFactoryRegistry registry = new ConnectionFactoryRegistry();
registry.addConnectionFactory(new FacebookConnectionFactory(myAppConf.getFbAppId(), myAppConf.getFbAppSecret()));
registry.addConnectionFactory(new TwitterConnectionFactory(myAppConf.getTtConsumerKey(), myAppConf.getTtConsumerSecret()));
return registry;
}
@Bean
public UsersConnectionRepository usersConnectionRepository() {
JdbcUsersConnectionRepository repository = new JdbcUsersConnectionRepository(dataSource,
connectionFactoryLocator(), Encryptors.noOpText());
repository.setConnectionSignUp(myAppConnectionSignUp);
return repository;
}
@Bean
@Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES)
public ConnectionRepository connectionRepository() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
MyUser user = (MyUser) authentication.getPrincipal();
return usersConnectionRepository().createConnectionRepository(String.valueOf(user.getId()));
}
@Bean
@Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES)
public Facebook facebook() {
return connectionRepository().getPrimaryConnection(Facebook.class).getApi();
}
@Bean
@Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES)
public Twitter twitter() {
return connectionRepository().getPrimaryConnection(Twitter.class).getApi();
}
@Bean
public ProviderSignInController providerSignInController() {
ProviderSignInController controller = new MyAppProviderSignInController(...);
controller.setSignInUrl("/someUrl/");
return controller;
}
}