wood burning stoves 2.0*
The moose likes Spring and the fly likes https in spring security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "https in spring security" Watch "https in spring security" New topic
Author

https in spring security

salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

Hi,
we are using spring security into our systems and our server is using the https scheme.

Working code:


Not working code:



The documentation mentions:

defaultTargetUrl indicates the URL that should be used for redirection if the HttpSession attribute named SPRING_SECURITY_SAVED_REQUEST_KEY does not indicate the target URL once authentication is completed successfully. eg: /. The defaultTargetUrl will be treated as relative to the web-app's context path, and should include the leading /. Alternatively, inclusion of a scheme name (eg http:// or https://) as the prefix will denote a fully-qualified URL and this is also supported. More complex behaviour can be implemented by using a customised TargetUrlResolver.

source: http://static.springsource.org/spring-security/site/docs/2.0.x/apidocs/org/springframework/security/ui/AbstractProcessingFilter.html


is there any way to mention :
Redirect to Url ending with /SuccessLogin.jsp but using https protocol ?

PS: I didnt quite understand how TargetUrlResolver can help me in configurations.


My Website: [Salvin.in] Cool your mind:[Salvin.in/painting] My Sally:[Salvin.in/sally]
salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

Spring security version: 3.0.1 RC1

Question is crossposted accross: stackoverflow
Bug raised in Spring security : Spring security bug
salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

UPDATE:

The application is running on http not https, so the server, being apache, is the https handler. whereas the application is running on http behind a firewall


Is there a way to solve this issue ?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: https in spring security