OhadR
commented
7 years ago closed as this is a technical duplication of #74 "delete AuthenticationFailureHandler.SPRING_SECURITY_FORM_USERNAME_KEY"
Closed OhadR closed 7 years ago
OhadR
commented
7 years ago closed as this is a technical duplication of #74 "delete AuthenticationFailureHandler.SPRING_SECURITY_FORM_USERNAME_KEY"
when user fails to login, his counter of attempts does not decrease, and in the logs we see "... - login failed for user: null"
it happens because of #74 ; since I've upgraded Spring's version, Spring uses "username" rather than "j_username". Hence my AuthenticationFailureHandler could not get the username from the form, hence could not decrease his counter/lock, etc.