we are using spring security into our systems and our server is using the https scheme.
Not working code:
The documentation mentions:
defaultTargetUrl indicates the URL that should be used for redirection if the HttpSession attribute named SPRING_SECURITY_SAVED_REQUEST_KEY does not indicate the target URL once authentication is completed successfully. eg: /. The defaultTargetUrl will be treated as relative to the web-app's context path, and should include the leading /. Alternatively, inclusion of a scheme name (eg http:// or https://) as the prefix will denote a fully-qualified URL and this is also supported. More complex behaviour can be implemented by using a customised TargetUrlResolver.