jquery - Spring Security Core authAjax, How do I ignore the Referer -

i'm using grails 1.3.7 , latest spring-security-core plugin. i've implemented following method in logincontroller:

def authajax = {    response.setheader 'location', springsecurityutils.securityconfig.auth.ajaxloginformurl    response.senderror httpservletresponse.sc_unauthorized } 

and in global javascript file, have following:

$.ajaxsetup({    error: function(xhr, status, err) {       if (xhr.status == 401) {          // display login form in dialog       }    } }); 

the login form standard login form directly plugin documentation. difference submit form using jquery so:

var params = $('#ajaxloginform').serialize(); $.post($('#ajaxloginform').attr('action'), params, function(jsondata) {    if (jsondata.success) {       $('#login-dialog').dialog('close');    } else {       alert('todo: display errors');    } }, 'json'); 

the problem first time click login button, seem authenticating ok, response coming server 302 redirect based on referer request header. body of $.post() never gets ran. i'm getting html instead of json. doesn't hit logincontroller.ajaxsuccess method until second submission. i've read , re-read documentation , must missing something.

update: looks might not referer issue, since second time form posted, referer still there. i'm @ complete loss why have submit form twice ajaxsuccess method called.

when make un-authorized attempt access protected resource, spring security saves request on session (http://static.springsource.org/spring-security/site/apidocs/org/springframework/security/web/savedrequest/defaultsavedrequest.html), , when authenticate, redirects request. can turn behavior off across board spring security configuration, that's not want workflows. explicitly remove savedrequest session in authajax method, again, that's not best experience user.

i believe logincontroller.ajaxsuccess gets hit if there no savedrequest redirect insted, html you're getting should result of original request, un-authorized @ time. so, trick want use whatever function have used process original request success method on #ajaxloginform submission.