Two Laptop Bag
The moose likes Spring and the fly likes https in spring security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "https in spring security" Watch "https in spring security" New topic

https in spring security

salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

we are using spring security into our systems and our server is using the https scheme.

Working code:

Not working code:

The documentation mentions:

defaultTargetUrl indicates the URL that should be used for redirection if the HttpSession attribute named SPRING_SECURITY_SAVED_REQUEST_KEY does not indicate the target URL once authentication is completed successfully. eg: /. The defaultTargetUrl will be treated as relative to the web-app's context path, and should include the leading /. Alternatively, inclusion of a scheme name (eg http:// or https://) as the prefix will denote a fully-qualified URL and this is also supported. More complex behaviour can be implemented by using a customised TargetUrlResolver.


is there any way to mention :
Redirect to Url ending with /SuccessLogin.jsp but using https protocol ?

PS: I didnt quite understand how TargetUrlResolver can help me in configurations.

My Website: [] Cool your mind:[] My Sally:[]
salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

Spring security version: 3.0.1 RC1

Question is crossposted accross: stackoverflow
Bug raised in Spring security : Spring security bug
salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928


The application is running on http not https, so the server, being apache, is the https handler. whereas the application is running on http behind a firewall

Is there a way to solve this issue ?
Don't get me started about those stupid light bulbs.
subject: https in spring security
It's not a secret anymore!