I'm using spring-security and struts 2. Most of our pages have content that is unprotected mixed with some protected content (user controls) so it is not like the examples where you go to a certain page and spring-security intercepts everything. Rather I'd like to be able to work with a login form that you access by pressing a login button on any page. Once you've succesfully authenticated you should be redirected to the original page.
This is where I'm stumped. Sending the URL to redirect to can be done by adding it into the form action like so:
<form action="/j_spring_security_check?spring-security-redirect=${url}" method="POST">
<...>
</form>
The problem is that after this login fails spring-security redirects to the same page (it's set up to do that in the application context) and I have no way to retrieve the url I passed to spring-security-redirect. If this were accessing one of my own classes I would normally just pass it along as a hidden parameter in the form or a request parameter of my login controller. But since spring security is the one doing the redirection I'm a little lost.
So far the only solution I've come up with is trying to store this url in the sesssion, but then there's also no good way to remove it after a login completes succesfully. Any ideas?