Problem with repeated login

[eric-5512]

I have a custom security class that implements AuthenticationProvider, called CrmAuthenticationProvider.

When I log in and the authentication fails to redirect the login page, it will go through the CrmAuthenticationProvider, resulting in repeated login calls.

1:code

 @Bean
    public CrmAuthenticationProvider authenticationProvider() {
        CrmAuthenticationProvider authProvider = new CrmAuthenticationProvider();
        authProvider.setUserDetailsService(userDetailsService());
        authProvider.setPasswordEncoder(passwordEncoder());
        return authProvider;
    }

    @Bean
    SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        try {
            httpSecurity.authenticationProvider(authenticationProvider());
            httpSecurity.csrf().disable();
            httpSecurity
                    .authorizeRequests()
                    .antMatchers("/javax.faces.resource/**", "/registration").permitAll()
                    .antMatchers(HttpMethod.POST, "/login").permitAll()
                    .anyRequest().authenticated()
                    .and()
                    .formLogin()
                    .loginPage("/login")
                    .failureHandler(crmAuthenticationFailureHandler)
                    .permitAll()
                    .successHandler(crmAuthenticationSuccessHandler)
                    .and()
                    .logout()
                    .logoutSuccessHandler(crmLogOutSuccessHandler)
                    .deleteCookies("JSESSIONID");
            return httpSecurity.build();
        } catch (Exception ex) {
            throw new BeanCreationException("Wrong spring security configuration", ex);
        }
    }

2 code: CrmAuthenticationProvider

  @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String phone = (String) authentication.getPrincipal();
        String password = (String) authentication.getCredentials();
        System.out.println("CrmAuthenticationProvider");
        UserDetails userDetails = userDetailsService.loadUserByUsername(phone);

        if (userDetails == null) {
            throw new UsernameNotFoundException(".");
        }

        boolean isValid = passwordEncoder.matches(password, userDetails.getPassword());

        if (!isValid) {
            throw new BadCredentialsException("");
        }

        return new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
    }

3 code

  <h:form prependId="false">
            <h1>CRM<span></span></h1>
            <span></span>
            <div>
                <span>
                    
                </span>
            </div>
            <div class="form-group">
                <span>phone</span>
                <p:inputText  id="username"/>
            </div>
            <div class="form-group">
                <span>password</span>
                <p:password  id="password"/>
            </div>
           

            <p:commandButton id="submit" value="login"  ajax="false"  style="width: 200px;margin-bottom: 20px;" />
            <h:outputStylesheet name="css/#{guestPreferences.layout}.css" library="rain-layout"/>
        </h:form>

4 code

    @Override
    public Configuration getConfiguration(ServletContext servletContext) {
        return ConfigurationBuilder.begin()
                .addRule()
                .when(Direction.isInbound().and(Path.matches("/")))
                .perform(Redirect.temporary("/web/dashboard.xhtml"))
                .addRule(Join.path("/error").to("/web/errorpages/error.xhtml"))
                .addRule(Join.path("/login").to("/web/login.xhtml"))
                .addRule(Join.path("/registration").to("/web/registration.xhtml"))
                .addRule(Join.path("/logout").to("/web/login.xhtml"));
    }

[eric-5512]

hello?