|
|
@@ -23,6 +23,7 @@ import org.apache.commons.logging.Log;
|
|
|
import org.apache.commons.logging.LogFactory;
|
|
|
import org.springframework.security.web.PortResolver;
|
|
|
import org.springframework.security.web.PortResolverImpl;
|
|
|
+import org.springframework.security.web.util.UrlUtils;
|
|
|
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
|
|
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
|
|
|
|
|
@@ -88,13 +89,9 @@ public class HttpSessionRequestCache implements RequestCache {
|
|
|
|
|
|
public HttpServletRequest getMatchingRequest(HttpServletRequest request,
|
|
|
HttpServletResponse response) {
|
|
|
- DefaultSavedRequest saved = (DefaultSavedRequest) getRequest(request, response);
|
|
|
+ SavedRequest saved = getRequest(request, response);
|
|
|
|
|
|
- if (saved == null) {
|
|
|
- return null;
|
|
|
- }
|
|
|
-
|
|
|
- if (!saved.doesRequestMatch(request, portResolver)) {
|
|
|
+ if (!matchesSavedRequest(request, saved)) {
|
|
|
logger.debug("saved request doesn't match");
|
|
|
return null;
|
|
|
}
|
|
|
@@ -104,6 +101,20 @@ public class HttpSessionRequestCache implements RequestCache {
|
|
|
return new SavedRequestAwareWrapper(saved, request);
|
|
|
}
|
|
|
|
|
|
+ private boolean matchesSavedRequest(HttpServletRequest request, SavedRequest savedRequest) {
|
|
|
+ if (savedRequest == null) {
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+
|
|
|
+ if (savedRequest instanceof DefaultSavedRequest) {
|
|
|
+ DefaultSavedRequest defaultSavedRequest = (DefaultSavedRequest) savedRequest;
|
|
|
+ return defaultSavedRequest.doesRequestMatch(request, this.portResolver);
|
|
|
+ }
|
|
|
+
|
|
|
+ String currentUrl = UrlUtils.buildFullRequestUrl(request);
|
|
|
+ return savedRequest.getRedirectUrl().equals(currentUrl);
|
|
|
+ }
|
|
|
+
|
|
|
/**
|
|
|
* Allows selective use of saved requests for a subset of requests. By default any
|
|
|
* request will be cached by the {@code saveRequest} method.
|
Rob Winch