How can I get the username from a failed login using spring security?

Question

We\'re using spring security 3.0.5, Java 1.6 and Tomcat 6.0.32. In our .xml config file we\'ve got:

Answer 1

If you want to use Spring AOP, you can add the below code to your Aspect class:

private String usernameParameter = "username"; 

@Before("execution(* org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler.onAuthenticationFailure(..))")
public void beforeLoginFailure(JoinPoint joinPoint) throws Throwable {
        HttpServletRequest request = (HttpServletRequest) joinPoint.getArgs()[0];
        AuthenticationException exceptionObj = (AuthenticationException) joinPoint.getArgs()[2];

        String username = request.getParameter(usernameParameter);

        System.out.println(">>> Aspect check: AuthenticationException:  "+exceptionObj.getMessage());
        System.out.println(">>> Aspect check: user: "+ username + " failed to log in.");
}