[jira] [Created] (DELTASPIKE-675) Make intitially requested and secured page available for redirect after login

["Werner Gaulke (JIRA)" <ji...@apache.org>]

Werner Gaulke created DELTASPIKE-675:
----------------------------------------

             Summary: Make intitially requested and secured page available for redirect after login
                 Key: DELTASPIKE-675
                 URL: https://issues.apache.org/jira/browse/DELTASPIKE-675
             Project: DeltaSpike
          Issue Type: Improvement
          Components: Security-Module
    Affects Versions: 1.0.1
            Reporter: Werner Gaulke
            Priority: Minor


h2. Situation

DeltaSpike combined with PicketLink for security handling (users and roles). Custom AccessdecisionVoter to check, whether the user is allowed to access a page (by Secured Annotation in ViewConfig).

DS-Security intercept access to this page and redirects to the login. After the login it would be nice to redirect the user to the initially requested page. 

Generally this problem is independend of the used security framework, in this case though PicketLink is used.

Reference to mailing list: http://mail-archives.apache.org/mod_mbox/deltaspike-users/201407.mbox/%3C006601cfa1ad$8fa14a00$aee3de00$@gaulke.net%3E


h2. Idea for the solution
Make requested page avaiable in AccessDecisionVoterContext and let the app handle the redirect after login. I think this could be done in SecurityUtils. 


h2. Example
Attached you will find a minimal JSF/DS/PL application which uses a in memory database. Start the application in JBOSS Wildfly and access it.
You can now click on "Admin Area" in the main-menu and DS will redirect you to the login form. After login a LoggedIn Event by PL is fired. 
A redirect to the requested page is desired. 

https://www.dropbox.com/s/7k59jp1ka4xeez2/ds-pl-minimal.zip





--
This message was sent by Atlassian JIRA
(v6.2#6252)