From 8884d532251859a77077560e2ac53fefbe8a5159 Mon Sep 17 00:00:00 2001
From: Henri Sara <henri.sara@itmill.com>
Date: Thu, 23 Jul 2009 12:51:18 +0000
Subject: [PATCH] #3157: Spring security form login fix

svn changeset:8409/svn branch:6.0
---
 .../gwt/client/ApplicationConfiguration.java  |  2 +-
 .../gwt/client/ApplicationConnection.java     |  6 ++--
 .../server/AbstractApplicationServlet.java    | 33 +++++++++++++++++++
 3 files changed, 37 insertions(+), 4 deletions(-)

diff --git a/src/com/vaadin/terminal/gwt/client/ApplicationConfiguration.java b/src/com/vaadin/terminal/gwt/client/ApplicationConfiguration.java
index 0ab80610cc..945542729f 100644
--- a/src/com/vaadin/terminal/gwt/client/ApplicationConfiguration.java
+++ b/src/com/vaadin/terminal/gwt/client/ApplicationConfiguration.java
@@ -106,7 +106,7 @@ public class ApplicationConfiguration {
 
     /**
      * Inits the ApplicationConfiguration by reading the DOM and instantiating
-     * ApplicationConenctions accordingly. Call {@link #startNextApplication()}
+     * ApplicationConnections accordingly. Call {@link #startNextApplication()}
      * to actually start the applications.
      * 
      * @param widgetset
diff --git a/src/com/vaadin/terminal/gwt/client/ApplicationConnection.java b/src/com/vaadin/terminal/gwt/client/ApplicationConnection.java
index f2da32cbc4..5bcb2873ff 100755
--- a/src/com/vaadin/terminal/gwt/client/ApplicationConnection.java
+++ b/src/com/vaadin/terminal/gwt/client/ApplicationConnection.java
@@ -761,7 +761,7 @@ public class ApplicationConnection {
     /**
      * This method assures that all pending variable changes are sent to server.
      * Method uses synchronized xmlhttprequest and does not return before the
-     * changes are sent. No UIDL updates are processed and thut UI is left in
+     * changes are sent. No UIDL updates are processed and thus UI is left in
      * inconsistent state. This method should be called only when closing
      * windows - normally sendPendingVariableChanges() should be used.
      */
@@ -899,11 +899,11 @@ public class ApplicationConnection {
      * Build the variable burst and send it to server.
      * 
      * When sync is forced, we also force sending of all pending variable-bursts
-     * at the same time. This is ok as we can assume that DOM will newer be
+     * at the same time. This is ok as we can assume that DOM will never be
      * updated after this.
      * 
      * @param pendingVariables
-     *            Vector of variablechanges to send
+     *            Vector of variable changes to send
      * @param forceSync
      *            Should we use synchronous request?
      */
diff --git a/src/com/vaadin/terminal/gwt/server/AbstractApplicationServlet.java b/src/com/vaadin/terminal/gwt/server/AbstractApplicationServlet.java
index 1008dffd49..706d343b2d 100644
--- a/src/com/vaadin/terminal/gwt/server/AbstractApplicationServlet.java
+++ b/src/com/vaadin/terminal/gwt/server/AbstractApplicationServlet.java
@@ -366,6 +366,24 @@ public abstract class AbstractApplicationServlet extends HttpServlet {
         RequestType requestType = getRequestType(request);
 
         try {
+            // If a duplicate "close application" URL is received for an
+            // application that is not open, redirect to the application's main
+            // page.
+            // This is needed as e.g. Spring Security remembers the last
+            // URL from the application, which is the logout URL, and repeats
+            // it.
+            // We can tell apart a real onunload request from a repeated one
+            // based on the real one having content (at least the UIDL security
+            // key).
+            if (requestType == RequestType.UIDL
+                    && request.getParameterMap().containsKey(
+                            ApplicationConnection.PARAM_UNLOADBURST)
+                    && request.getContentLength() < 1
+                    && getExistingApplication(request, false) == null) {
+                redirectToApplication(request, response);
+                return;
+            }
+
             // Find out which application this request is related to
             application = findApplicationInstance(request, requestType);
             if (application == null) {
@@ -1191,6 +1209,21 @@ public abstract class AbstractApplicationServlet extends HttpServlet {
         return string;
     }
 
+    /**
+     * Write a redirect response to the main page of the application.
+     * 
+     * @param request
+     * @param response
+     * @throws IOException
+     *             if sending the redirect fails due to an input/output error or
+     *             a bad application URL
+     */
+    private void redirectToApplication(HttpServletRequest request,
+            HttpServletResponse response) throws IOException {
+        String applicationUrl = getApplicationUrl(request).toExternalForm();
+        response.sendRedirect(response.encodeRedirectURL(applicationUrl));
+    }
+
     /**
      * 
      * @param request
-- 
2.39.5