private void redirectToOpenIdRegistrationUrl(
     HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
     throws IOException, ServletException {
   DefaultRedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
   addOpenIdAttributesToSession(request, getOpenIdAuthenticationToken(exception));
   redirectStrategy.sendRedirect(request, response, openIdRegistrationUrl);
 }
  @Override
  public void sendRedirect(
      final HttpServletRequest request, final HttpServletResponse response, final String url)
      throws IOException {
    String redirectUrl = url;

    if (Boolean.valueOf(checkoutFlowFacade.isExpressCheckoutEnabledForStore())
        && StringUtils.isNotEmpty(request.getParameter("expressCheckoutEnabled"))) {
      redirectUrl = getExpressTargetUrl();
    }
    super.sendRedirect(request, response, redirectUrl);
  }
  @Override
  public void onAuthenticationSuccess(
      HttpServletRequest request, HttpServletResponse response, Authentication authentication)
      throws ServletException, IOException {
    Object principal = authentication.getPrincipal();
    IUserDetailsVOWrapper userDetailsVOWrapper =
        (principal instanceof IUserDetailsVOWrapper) ? (IUserDetailsVOWrapper) principal : null;
    UserDetailsVO userDetailsVO = userDetailsVOWrapper.getUserDetailsVO();
    if (userDetailsVO != null) {

      //			if (request.getServletContext().getFilterRegistration("areaFilter") != null) { // TODO
      //				AreaDetailsManager.setCurrAreaDetailsVO(request.getSession(),
      // AreaDetailsManager.getCityAreaDetailsVO(userDetailsVO.getAreaCd()));
      //			}

      //			userDetailsVO.setIp(HttpUtil.getRemoteAddr(request));
      //			userDetailsVO.setAdvertisingMedia(GlobalVars.getAdvertisingMedia(request));

      //			if (casAvailable) {
      //    			if (authentication instanceof CasAuthenticationToken) {
      //    				CasAuthenticationToken cat = (CasAuthenticationToken) authentication;
      ////    				userDetailsVO.setLoginAcctNo(cat.getAssertion().getPrincipal().getName());
      //    			} else if (authentication instanceof CasAssertionAuthenticationToken) {
      //    				CasAssertionAuthenticationToken casat = (CasAssertionAuthenticationToken)
      // authentication;
      ////    				userDetailsVO.setLoginAcctNo(casat.getAssertion().getPrincipal().getName());
      //    			}
      //			}
    }

    if ("ssoFrame".equalsIgnoreCase(request.getParameter("type"))) { // /loginCheck
      RequestCache requestCache =
          ReflectUtil.getFieldValue(this, "requestCache", RequestCache.class);
      SavedRequest savedRequest = requestCache.getRequest(request, response);
      if (savedRequest == null) {
        if (!response.isCommitted()) {
          String targetUrl = determineTargetUrl(request, response);
          DefaultRedirectStrategy redirectStrategy =
              (DefaultRedirectStrategy) this.getRedirectStrategy();
          String redirectUrl =
              (String)
                  ReflectUtil.invokeMethod(
                      redirectStrategy,
                      "calculateRedirectUrl",
                      new Object[] {request.getContextPath(), targetUrl});
          redirectUrl = response.encodeRedirectURL(redirectUrl);

          HttpSession session = request.getSession(true);
          String ssoAuto = (String) session.getAttribute("_SECURITY_SSO_AUTO"); // 自动登录
          if (Boolean.parseBoolean(ssoAuto)) {
            session.removeAttribute("_SECURITY_SSO_AUTO");
            String callbackUrl = (String) session.getAttribute("_SECURITY_SSO_CALLBACK_URL");
            session.removeAttribute("_SECURITY_SSO_CALLBACK_URL");

            redirectStrategy.sendRedirect(
                request, response, StringUtil.defaultIfBlank(callbackUrl, redirectUrl));
          } else {
            redirectStrategy.sendRedirect(
                request, response, ssoFrameTargetUrl + "?targetUrl=" + redirectUrl);
          }
        }

        clearAuthenticationAttributes(request);
      } else {
        requestCache.removeRequest(request, response);
        clearAuthenticationAttributes(request);
        this.getRedirectStrategy()
            .sendRedirect(
                request,
                response,
                ssoFrameTargetUrl + "?targetUrl=" + savedRequest.getRedirectUrl());
      }
    } else if (isAjaxRequest(request)) {
      this.onAuthenticationSuccessForAjax(request, response, authentication);
    } else {
      super.onAuthenticationSuccess(request, response, authentication);
    }

    EapContext.publish("#login.success", authentication);
  }