Home/ Questions/Q 4330978
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-21T10:02:27+00:00

And Thank you for reading me… I have an application with MVC Pattern with

  • 0

And Thank you for reading me…

I have an application with MVC Pattern with Hibernate, JSF2, RichFaces, Spring 3…

I have the login form working, but it´s impossible to show login errors… Why?

application-context:

<sec:form-login login-page="/pages/loginPage.xhtml"
 login-processing-url="/j_spring_security_check"
 authentication-success-handler-ref="myAuthSuccessHandler"
 authentication-failure-handler-ref="myAuthErrorHandler"/>

UserAuthenticationErrorHandler:

public class UserAuthenticationErrorHandler implements AuthenticationFailureHandler {
...
@Override
public void onAuthenticationFailure(HttpServletRequest request,
     HttpServletResponse response, AuthenticationException ae)
     throws IOException, ServletException {

    UsernamePasswordAuthenticationToken user = (UsernamePasswordAuthenticationToken)ae.getAuthentication();
    request.setAttribute("error", "Can you Show me???");
    response.sendRedirect("......");

}
...
}

And finally the login.xhtml that DON´T SHOW THE ERRORS 🙁

<c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}" />

        <c:out value="${error}"/>

        <c:if test="${not empty param.error}">
            Habemus error
        </c:if>

Any Idea??? Thank You very much!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team
    <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}" />

    displays a session attribute published by Spring Security, so it should work fine.

    With 

    request.setAttribute("error", "Can you Show me???");  
...
<c:out value="${error}"/>

    you try to display request attribute. However, request attributes doesn’t survive the redirect. If you need to pass a message over redirect, you can use session attribute instead:

    request.getSession().setAttribute("error", "Can you Show me???");

    In 

    <c:if test="${not empty param.error}">

    you check for request URL parameter named error. You should set that parameter when forming redirection URL:

    response.sendRedirect("......?error=1");
    • 0