Custom Error Messages in Login JSP

**kbaum** · Dec 9th, 2004, 02:52 PM

I am using the AuthenticationProcessingFilter for logins to my web application. From a security standpoint everything works nicely, but I am having some trouble customizing the error messages on failed login attempts. The requirements are such that I display error messages indicated the reason for the login failure. These messages include:

"You have entered an invalid password. "

and

"User name not found. "

The issue is that upon failure, I do not have the necessary information to figure out the reason for the login failure. In both of the cases above, I am forwarded back to a jsp with access to a BadCredentialsException containing a "Bad credentials presented" error message. Am I missing something? Thanks.

-karl

**Ben Alex** · Dec 9th, 2004, 02:57 PM

You need to set the DaoAuthenticationProvider.hideUserNotFoundExceptio ns to false (it defaults to true, which is why you get the same exception for both authentication failure reasons).

**kbaum** · Dec 9th, 2004, 03:28 PM

That worked perfectly. Thanks for the unbelievably quick response.

-karl

Thread: Custom Error Messages in Login JSP

Thread Tools

Display

Custom Error Messages in Login JSP

Similar Threads

Question on use of custom property editors - problem found?

registerCustomEditor to a collection of custom classes

Custom SecureContext object to load other stuff on login

Creating Custom CAS Login

Acegi - Login Tapestry

Posting Permissions