As a part of our retail website implementation, We have a requirement where after the session gets timed out (due to inactivity or session cookie clean up). A login pop up opens up. After successful authentication, the customer gets redirected to the target URL.
Upon attempt authentication, two calls get generated. One to the spring security handler and other to the target URL (which was attempted to be accessed)
I have seen the StorefrontAuthenticationSuccessHandler, which authenticates the customer and determines the target URL with the "Referer" and "Location" which is a response header attribute.
I have replaced the call to login page to our login pop up, but even after the authentication the request success, the control does not flows to the target URL, but remains on the same page.
User logs in, and goes to addresses.
The session times out.
The user clicks on my-orders
A login pop up is opened.
After successful authentication, the customer is redirected to the my orders page
Any hints please.