i have interited one spring web app, where we have implement our own CustomAuthentication Filter which extends AuthenticationProcessingFilter. We have implement our own UserServiceImpl which has one method
public UserDetails loadUserByUsername(String email)
In this we query the database and construct our Domain User Object. and check if the user is expired, if the user is locked etc... Based on that we throw the exception and expect the determineFailureUrl will catch those exception and return the user with the correct login screen. But that method always get the BadCredentialException even through i am throwing DisabledExpcetion. Is there something i am missing.
in my CustomAuthentication Filter i am overriding determineFailireUrl method.
Any input will be appreciated.
subject: Having conditional authenticationFailureUrl in spring security