{"id":26376,"date":"2016-02-11T13:35:43","date_gmt":"2016-02-11T08:05:43","guid":{"rendered":"http:\/\/www.tothenew.com\/blog\/?p=26376"},"modified":"2016-03-03T17:24:37","modified_gmt":"2016-03-03T11:54:37","slug":"restrict-ajax-request-caching-in-springsecurity","status":"publish","type":"post","link":"https:\/\/www.tothenew.com\/blog\/restrict-ajax-request-caching-in-springsecurity\/","title":{"rendered":"Restrict Ajax request caching in SpringSecurity"},"content":{"rendered":"<p>Spring Security has a nice feature of request caching. When user try to access secured resource without logging in into the system, spring security caches that request and redirect the user to the login page. After successful authentication it redirects user to that cached request. This works for both Ajax and non-ajax requests. To restrict request caching for Ajax request in <a title=\"grails development\" href=\"http:\/\/www.tothenew.com\/grails-application-development\">Grails App<\/a>, we just need to follow some steps.<\/p>\n<ol>\n<li>Create a class and extends it with HttpSessionRequestCache.<\/li>\n<li>Override its saveRequest() method<\/li>\n<\/ol>\n<p>[java]<\/p>\n<p>class CustomHttpSessionRequestCache extends HttpSessionRequestCache {<br \/>\n\tpublic void saveRequest(HttpServletRequest request, HttpServletResponse response) {<br \/>\n\t\tif(!&quot;XMLHttpRequest&quot;.equals(request.getHeader(&quot;X-Requested-With&quot;))) {<br \/>\n\t\t\tsuper.saveReqeust(request, response);<br \/>\n\t\t}<br \/>\n\t}<br \/>\n}<\/p>\n<p>[\/java]<\/p>\n<p>Now register it as spring bean with name <strong>requestCache <\/strong>in your resources.groovy file<\/p>\n<p>[java]<\/p>\n<p>requestCache(ApplicationHttpSessionRequestCache) {<br \/>\n\tportResolver = ref(&#8216;portResolver&#8217;)<br \/>\n\tcreateSessionAllowed = conf.requestCache.createSession \/\/ true<br \/>\n\trequestMatcher = ref(&#8216;requestMatcher&#8217;)<br \/>\n}<\/p>\n<p>[\/java]<\/p>\n<p>&nbsp;<\/p>\n<p>Thats it \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Spring Security has a nice feature of request caching. When user try to access secured resource without logging in into the system, spring security caches that request and redirect the user to the login page. After successful authentication it redirects user to that cached request. This works for both Ajax and non-ajax requests. To restrict [&hellip;]<\/p>\n","protected":false},"author":185,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":2},"categories":[7],"tags":[672],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/26376"}],"collection":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/users\/185"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/comments?post=26376"}],"version-history":[{"count":0,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/26376\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/media?parent=26376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/categories?post=26376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/tags?post=26376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}