Redirect to page that required authentication after login success notworking

Hey we are using spring security and extending the VaadinWebSecurity as following:

@Override
protected void configure(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests()
                .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
                .requestMatchers(new AntPathRequestMatcher("/icons/*.ico")).permitAll()
                .and()
                .securityContext(securityContext -> securityContext.requireExplicitSave(false))
                .headers().frameOptions().disable()
                .and()
                .csrf()
                .and()
                .cors().disable();

        if(softwareConfiguration.isDevelopmentMode()) {
            http.authorizeHttpRequests()
                    .requestMatchers(new AntPathRequestMatcher("/h2-console/**")).permitAll()
                    .and()
                    .csrf().ignoringRequestMatchers(new AntPathRequestMatcher("/h2-console/**"));
        }

        super.configure(http);
        setLoginView(http, LoginView.class);
    }

from my understanding the super call should add the VaadinDefaultRequestCache and redirect to the page which required the autentication after login success. Somehow this doesn’t seem to work. Any ideas?

We have custom login logic. Maybe that’s the problem hmm

Particially fixed it with this little snippet called after context.setAuthentication(authentication);:

HttpSession session = httpRequest.getSession(false);
DefaultSavedRequest savedRequest = (DefaultSavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST");
String requestedURI = savedRequest != null ? savedRequest.getRequestURI() : "/dashboard";

UI.getCurrent().navigate(StringUtils.removeStart(requestedURI, "/"));

This still has one problem:
It redirects to the correct page but after that I see the login view again. Navigation is not changed to /login tho. After a reload everything is fine and I’m logged in :frowning_with_open_mouth:

Fixed it completly. In case someone needs it: ```
HttpSession session = httpRequest.getSession(false);
DefaultSavedRequest savedRequest = (DefaultSavedRequest) session.getAttribute(“SPRING_SECURITY_SAVED_REQUEST”);
String requestedURI = savedRequest != null ? savedRequest.getRequestURI() : RouteConfiguration.forSessionScope().getUrl(DashboardView.class);

UI.getCurrent().getPage().setLocation(requestedURI);