Return username and password to login form grails spring security

Question

When a user fails authentication, I want the username and password to be returned to the form. I\'m using the spring security core plugin with Grails and Spring Security LD

Answer 1

For future reference, as the above answers are either too vague to be helpful to those of us who are just beginning to learn this framework for the first time (prompting such questions as: what's an AuthenticationFailureHandler? How do I implement one? How do I connect it to my existing infrastructure that was magically created by the namespace handler?) or no longer work (the code to store the username in SPRING_SECURITY_LAST_USERNAME was removed from UsernamePasswordAuthenticationFilter as of version 3.1.0), here's a little more detail on the first answer:

• An AuthenticationFailureHandler is used by the login process to decide what to do when authentication fails.
• The default login form setup as provided by uses a SimpleUrlAuthenticationFailureHandler to perform the redirection to the login failed url (which defaults to /spring_security_login?login_error).
• You can hook your own implementation in by using the authentication-failure-handler-ref attribute of your element.

So, my implementation looks like this:

public class UsernameStoringUrlAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler
{
    @Override
    public void onAuthenticationFailure (HttpServletRequest request, HttpServletResponse response,
            AuthenticationException exception) throws IOException, ServletException
    {
        request.getSession (true).setAttribute ("SPRING_SECURITY_LAST_USERNAME", request.getParameter ("j_username"));
        super.onAuthenticationFailure (request, response, exception);
    }
}

which is configured thus:

    
    ...

And then I can access the failed login username using the same approach as described in James Kleeh's answer here, but which no longer worked because of the change to the framework.