-
Notifications
You must be signed in to change notification settings - Fork 6.1k
Provide a way to customize the RedirectStrategy only #14061
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments
Hi, @trajano. I don't think I follow, why you cannot just customize the |
Let me try it out. And to answer your question ... because I didn't see it documented as an option. But looking at the solution This will override authenticationSuccessHandler so I guess I would also need to change the failure as well, but it's missing
It destroys the default login forms. So it brings back to my problem where I had to recreate the specs to bring back the original login form capability. |
If you override the |
That's correct, but I didn't really want to change the entry point either, I just wanted to change the redirect strategy. But there was no facility to just change that, instead I had to recreate all the components down to the
Or to follow the rest of the convention would be something like http.authenticationEntryPoint { it.setRedirectStrategy(customRedirectStrategy) }
http.authenticationSuccessHandler { it.setRedirectStrategy(customRedirectStrategy) }
http.authenticationFailureHandler { it.setRedirectStrategy(customRedirectStrategy) } Another approach is to have that logic I wrote to handle X-Forward... headers be handled by the default redirect strategy. |
I am not sure if we want those global strategies since they could become too complex to handle the configuration scenarios in different authentication mechanisms. Furthermore, it seems that you want to handle absolute URIs in redirection, which has been covered by #11656. That being said, I'll close this as declined since we are not looking into adding that for now. |
Uh oh!
There was an error while loading. Please reload this page.
Expected Behavior
http .redirectStrategy(ForwardHeadersRedirectStrategy())
Current Behavior
I basically have to recreate the code to rebuild the default login screen
Context
I get
X-Forwarded-For
headers which are not recognized by Spring Security and such it will redirect without the host name.The text was updated successfully, but these errors were encountered: