 

Spring Security : Redirecting to login page if the authentication failed

We are having two ways of logging in.

  • The user name and password are sent by another app in the request headers. It is examined and if the user name and password are correct, it goes in. [A custom filter is written for this]
  • If the user name and password are not present in the request headers, the login screen is presented.
  • When the user name and password are present in the request header and if it's wrong, I am shown an HTTP Status 401 - Authentication Failed: Bad credentials page.

    How do I make it show the login page in case the authentication failed?

    Below is the code in the security.xml

        <http auto-config="true" use-expressions="true">
            <access-denied-handler error-page="/login.jsp"/>
            <intercept-url pattern="/*Login*" access="hasRole('ROLE_ANONYMOUS')"/>
            <intercept-url pattern="/*" access="hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')"/>
            <custom-filter ref="requestHeaderFilter" before="FORM_LOGIN_FILTER"/>
            <form-login login-page="/login.jsp"/>
        </http>
    

    Please let me know if you need more information.

    Edit: Adding the code for RequestHeader filter in my application

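    import java.io.IOException;

    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;

    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

    public class RequestHeaderProcessingFilter extends AbstractAuthenticationProcessingFilter {

        // Names of the request headers that carry the credentials
        private String usernameHeader = "j_username";
        private String passwordHeader = "j_password";

        protected RequestHeaderProcessingFilter() {
            // The filter only attempts authentication for requests to this URL
            super("/login_direct");
        }

        //getters and setters

        @Override
        public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
                throws AuthenticationException, IOException, ServletException {
            String username = request.getHeader(usernameHeader);
            String password = request.getHeader(passwordHeader);

            // SignedUsernamePasswordAuthenticationToken: token class not shown in the question
            SignedUsernamePasswordAuthenticationToken authRequest =
                    new SignedUsernamePasswordAuthenticationToken(username, password);

            return this.getAuthenticationManager().authenticate(authRequest);
        }
    }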

    Vinoth Kumar C M asked Mar 28 '11 12:03


    1 Answer

    To show the login page in case the authentication failed you should have the same url in the <access-denied-handler error-page="/login.jsp"/> and the <intercept-url pattern="/*Login*" access="hasRole('ROLE_ANONYMOUS')"/>

    For example:

    <global-method-security secured-annotations="enabled" />
    
    <http auto-config="true" access-denied-page="/app/sesiones/procesarLogin"> 
        <logout logout-success-url="/app/sesiones/login" />
        <form-login 
            authentication-failure-url="/app/sesiones/login?error=true"
            login-page="/app/sesiones/login" default-target-url="/app/sesiones/procesarLogin" />
        <intercept-url pattern="/app/privados/*" access="ROLE_USER" />
    </http>
    

    In that example, the user is also redirected to the login page after he logs out. The /procesarLogin is a method that sends the user to the login.jsp page.

    Daniela answered Nov 15 '22 21:11
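
Added example, not part of the original question or answer and not the asker's code: the "HTTP Status 401 - Authentication Failed: Bad credentials" page is what the default SimpleUrlAuthenticationFailureHandler of an AbstractAuthenticationProcessingFilter sends when it has no failure URL, so this version of the header filter gives it one. It assumes the Spring Security 3.x / javax.servlet APIs used on the page; the package and class name HeaderLoginFilter, and the stock UsernamePasswordAuthenticationToken used in place of the asker's SignedUsernamePasswordAuthenticationToken, are assumptions.

```java
package example.security; // hypothetical package

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;

/** Header-based login that redirects to the login page when authentication fails. */
public class HeaderLoginFilter extends AbstractAuthenticationProcessingFilter {

    private static final String USERNAME_HEADER = "j_username"; // header names from the question
    private static final String PASSWORD_HEADER = "j_password";
    private static final String LOGIN_PAGE = "/login.jsp";      // login-page from security.xml

    public HeaderLoginFilter() {
        super("/login_direct"); // only requests to this URL are processed by the filter
        // Without a failure URL the default handler calls sendError(401, "Authentication Failed: ...").
        // With one, every AuthenticationException thrown below ends in a redirect to the login page.
        setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(LOGIN_PAGE));
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException, IOException, ServletException {
        String username = request.getHeader(USERNAME_HEADER);
        String password = request.getHeader(PASSWORD_HEADER);

        // Missing headers are a failed login too; fail here instead of handing null values to the provider.
        if (username == null || password == null) {
            throw new AuthenticationCredentialsNotFoundException("Credential headers missing");
        }

        // Stand-in for the asker's SignedUsernamePasswordAuthenticationToken (assumption).
        UsernamePasswordAuthenticationToken authRequest =
                new UsernamePasswordAuthenticationToken(username.trim(), password);
        return getAuthenticationManager().authenticate(authRequest);
    }
}
```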