Using Spring boot and Authorization Code Flow.
After the user successfully authenticates with Okta I want to customize where the user is redirected to. I am having trouble finding a way to customize this. Any thoughts?
http.csrf().disable() .authorizeRequests() .antMatchers(HttpMethod.GET, "/api/programs/*", "/api/programs").permitAll() .antMatchers(HttpMethod.POST, "/api/users").permitAll() .antMatchers("/api/**", "/login", "/patron/**").authenticated() .antMatchers("/**").permitAll() .anyRequest().authenticated() .and() .logout().deleteCookies().invalidateHttpSession(true).logoutSuccessUrl("/").permitAll();
If I secure the
/login route, I would expect that I could set a controller get some response, but it looks like Spring Security never lets it come to my controller.
Doing some debugging I find that SavedRequestAwareAuthenticationSuccessHandler is the handler being used by default, which has my request saved in session. Is there a way to override this behavior?