Spring Security: How do I reset SPRING_SECURITY_LAST_EXCEPTION.message?

Question

I am able to display the SPRING_SECURITY_LAST_EXCEPTION.message ("Bad Credentials") when a user tries to log in with incorrect credentials.

My login jsp currently uses the following code:

<c:if test="${not empty SPRING_SECURITY_LAST_EXCEPTION.message}">
    <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}" />
</c:if>

My problem is that the "Bad Credentials" message is still there when the user navigates away from the login page and then comes back.

How can I reset SPRING_SECURITY_LAST_EXCEPTION.message when a user refreshes the login page?

Answer 1

For me it was more easy at this way

<c:if test="${param.error != null}">
    <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}" />
</c:if>

So you don't worry about removing vars and change the default URL,if there is some error it will be print as the URL got defined as parameter ?error and the exception will be printed (if you pass the parameter error manually nothing will happen because the exception does't exist).