I am using the authentication tag in my jsp pages, which is referenced from the <access-denied-handler>
This shows the email address of the person who tired to login.

Eg:- denied.jsp

Access Denied <sec:authentication property="principal.username" />


If I refer to this jsp directly before I login, I get a server error, because there is no authentication context.

Now I could use Java directly within jsp, and check for nulls but was wondering if there was a better way to
do this from the tag itself.

Thanks