From 429bbbbaf14a8016c09f0fba0c8ff347e6270f26 Mon Sep 17 00:00:00 2001
From: db <danielgbarrigas@gmail.com>
Date: Tue, 26 Jun 2018 01:41:28 +0100
Subject: [PATCH 1/6] Server Sent Events example using Spring Webflux and React

---
 .../sse/controller/EventController.java       | 26 ++++++++++++
 .../reactive/sse/model/EventSubscription.java | 22 ++++++++++
 .../service/EventSubscriptionsService.java    | 41 +++++++++++++++++++
 .../service/emitter/DateEmitterService.java   | 27 ++++++++++++
 .../src/main/resources/static/app.js          | 36 ++++++++++++++++
 .../src/main/resources/static/sse-index.html  | 19 +++++++++
 .../reactive/sse/ServerSentEventsTest.java    | 39 ++++++++++++++++++
 7 files changed, 210 insertions(+)
 create mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java
 create mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java
 create mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java
 create mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java
 create mode 100644 spring-5-reactive/src/main/resources/static/app.js
 create mode 100644 spring-5-reactive/src/main/resources/static/sse-index.html
 create mode 100644 spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java

diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java
new file mode 100644
index 000000000000..e692aa3a743a
--- /dev/null
+++ b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java
@@ -0,0 +1,26 @@
+package com.baeldung.reactive.sse.controller;
+
+
+import com.baeldung.reactive.sse.service.EventSubscriptionsService;
+import org.springframework.http.MediaType;
+import org.springframework.http.codec.ServerSentEvent;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+import reactor.core.publisher.Flux;
+
+@RestController
+public class EventController {
+
+    private EventSubscriptionsService eventSubscriptionsService;
+
+    public EventController(EventSubscriptionsService eventSubscriptionsService) {
+        this.eventSubscriptionsService = eventSubscriptionsService;
+    }
+
+    @GetMapping(
+            produces = MediaType.TEXT_EVENT_STREAM_VALUE,
+            value = "/sse/events")
+    public Flux<ServerSentEvent> events() {
+        return eventSubscriptionsService.subscribe();
+    }
+}
diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java
new file mode 100644
index 000000000000..4d3ce27156b0
--- /dev/null
+++ b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java
@@ -0,0 +1,22 @@
+package com.baeldung.reactive.sse.model;
+
+import org.springframework.http.codec.ServerSentEvent;
+import reactor.core.publisher.DirectProcessor;
+import reactor.core.publisher.Flux;
+
+public class EventSubscription {
+
+    private DirectProcessor<ServerSentEvent> directProcessor;
+
+    public EventSubscription() {
+        this.directProcessor = DirectProcessor.create();
+    }
+
+    public void emit(ServerSentEvent e) {
+        directProcessor.onNext(e);
+    }
+
+    public Flux<ServerSentEvent> subscribe() {
+        return directProcessor;
+    }
+}
diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java
new file mode 100644
index 000000000000..f245ce61845b
--- /dev/null
+++ b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java
@@ -0,0 +1,41 @@
+package com.baeldung.reactive.sse.service;
+
+import com.baeldung.reactive.sse.model.EventSubscription;
+import org.springframework.http.codec.ServerSentEvent;
+import org.springframework.stereotype.Service;
+import reactor.core.publisher.Flux;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.UUID;
+
+@Service
+public class EventSubscriptionsService {
+
+    private List<EventSubscription> listeners;
+
+    public EventSubscriptionsService() {
+        this.listeners = new ArrayList<>();
+    }
+
+    public Flux<ServerSentEvent> subscribe() {
+        EventSubscription e = new EventSubscription();
+        listeners.add(e);
+
+        return e.subscribe();
+    }
+
+    public void sendDateEvent(Date date) {
+        for (EventSubscription e : listeners) {
+            try {
+                e.emit(ServerSentEvent.builder(date)
+                        .event("date")
+                        .id(UUID.randomUUID().toString())
+                        .build());
+            } catch (Exception ex) {
+                listeners.remove(e);
+            }
+        }
+    }
+}
diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java
new file mode 100644
index 000000000000..29b70865dcb7
--- /dev/null
+++ b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java
@@ -0,0 +1,27 @@
+package com.baeldung.reactive.sse.service.emitter;
+
+import com.baeldung.reactive.sse.service.EventSubscriptionsService;
+import org.springframework.stereotype.Service;
+import reactor.core.publisher.Flux;
+
+import javax.annotation.PostConstruct;
+import java.time.Duration;
+import java.util.Date;
+import java.util.stream.Stream;
+
+@Service
+public class DateEmitterService {
+
+    private EventSubscriptionsService eventSubscriptionsService;
+
+    public DateEmitterService(EventSubscriptionsService eventSubscriptionsService) {
+        this.eventSubscriptionsService = eventSubscriptionsService;
+    }
+
+    @PostConstruct
+    public void init() {
+        Flux.fromStream(Stream.generate(Date::new))
+                .delayElements(Duration.ofSeconds(1))
+                .subscribe(data -> eventSubscriptionsService.sendDateEvent(new Date()));
+    }
+}
diff --git a/spring-5-reactive/src/main/resources/static/app.js b/spring-5-reactive/src/main/resources/static/app.js
new file mode 100644
index 000000000000..2af2ae584419
--- /dev/null
+++ b/spring-5-reactive/src/main/resources/static/app.js
@@ -0,0 +1,36 @@
+let Clock = React.createClass({
+
+    getInitialState: function() {
+        const self = this;
+        const ev = new EventSource("http://localhost:8080/sse/events");
+
+        self.setState({currentDate : moment(new Date()).format("MMMM Do YYYY, h:mm:ss a")});
+
+        ev.addEventListener("date", function(e) {
+            self.setState({currentDate :  moment(JSON.parse(e.data).date).format("MMMM Do YYYY, h:mm:ss a")});
+        }, false);
+
+        return {currentDate: moment(new Date()).format("MMMM Do YYYY, h:mm:ss a") };
+    },
+
+    render() {
+        return (
+            <p>
+                Current time: {this.state.currentDate}
+            </p>
+        );
+    }
+
+});
+
+let App = React.createClass({
+    render() {
+        return (
+            <div>
+                <Clock/>
+            </div>
+        );
+    }
+});
+
+ReactDOM.render(<App />, document.getElementById('root') );
\ No newline at end of file
diff --git a/spring-5-reactive/src/main/resources/static/sse-index.html b/spring-5-reactive/src/main/resources/static/sse-index.html
new file mode 100644
index 000000000000..875c8176af00
--- /dev/null
+++ b/spring-5-reactive/src/main/resources/static/sse-index.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <title>React + Spring</title>
+</head>
+
+<body>
+<div id="root"></div>
+
+<script src="https://unpkg.com/react@15/dist/react.min.js"></script>
+<script src="https://unpkg.com/react-dom@15/dist/react-dom.min.js"></script>
+<script src="https://cdnjs.cloudflare.com/ajax/libs/babel-core/5.8.24/browser.min.js"></script>
+<script src="https://unpkg.com/moment@2.22.2/moment.js"></script>
+
+<script type="text/babel" src="app.js"></script>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java b/spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java
new file mode 100644
index 000000000000..48e8c23c37e5
--- /dev/null
+++ b/spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java
@@ -0,0 +1,39 @@
+package com.baeldung.reactive.sse;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.reactive.server.WebTestClient;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+public class ServerSentEventsTest {
+
+    @Autowired
+    private WebTestClient webClient;
+
+    @Test
+    public void contextLoads() {
+    }
+
+    @Test
+    public void givenValidRequest_shouldReceiveOk() throws Exception {
+
+        webClient.get().uri("/events").accept(MediaType.TEXT_EVENT_STREAM)
+                .exchange()
+                .expectStatus().isOk();
+    }
+
+    @Test
+    public void givenInvalidHttpVerb_shouldReceiveMethodNotAllowedError() throws Exception {
+
+        webClient.post().uri("/events").accept(MediaType.TEXT_EVENT_STREAM)
+                .exchange()
+                .expectStatus().isEqualTo(HttpStatus.METHOD_NOT_ALLOWED);
+    }
+
+}

From 69bb8daf0c0a5532df785670929cf1159107a420 Mon Sep 17 00:00:00 2001
From: db <danielgbarrigas@gmail.com>
Date: Fri, 13 Jul 2018 22:16:18 +0100
Subject: [PATCH 2/6] spring security custom AuthenticationFailureHandler

---
 spring-boot-security/pom.xml                  | 23 ++++-
 .../SpringBootSecurityApplication.java        | 12 +++
 .../configuration/SecurityConfiguration.java  | 40 +++++++++
 .../CustomAuthenticationFailureHandler.java   | 28 ++++++
 .../form_login/FormLoginIntegrationTest.java  | 87 +++++++++++++++++++
 5 files changed, 187 insertions(+), 3 deletions(-)
 create mode 100644 spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java
 create mode 100644 spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
 create mode 100644 spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java
 create mode 100644 spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java

diff --git a/spring-boot-security/pom.xml b/spring-boot-security/pom.xml
index 8763c210c8dc..b10f8e6e47e0 100644
--- a/spring-boot-security/pom.xml
+++ b/spring-boot-security/pom.xml
@@ -10,9 +10,10 @@
     <description>Spring Boot Security Auto-Configuration</description>
 
     <parent>
-        <groupId>com.baeldung</groupId>
-        <artifactId>parent-modules</artifactId>
-        <version>1.0.0-SNAPSHOT</version>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>1.5.9.RELEASE</version>
+        <relativePath/> <!-- lookup parent from repository -->
     </parent>
 
     <dependencyManagement>
@@ -55,6 +56,11 @@
             <artifactId>spring-security-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>
@@ -62,6 +68,16 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>repackage</goal>
+                        </goals>
+                        <configuration> <!-- multiple main classes present, choose one -->
+                            <mainClass>com.baeldung.springbootsecurity.basic_auth.SpringBootSecurityApplication</mainClass>
+                        </configuration>
+                    </execution>
+                </executions>
             </plugin>
         </plugins>
     </build>
@@ -69,6 +85,7 @@
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+        <java.version>1.8</java.version>
     </properties>
 
 </project>
diff --git a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java
new file mode 100644
index 000000000000..9f4796e1f912
--- /dev/null
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java
@@ -0,0 +1,12 @@
+package com.baeldung.springbootsecurity.form_login;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.form_login")
+public class SpringBootSecurityApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(SpringBootSecurityApplication.class, args);
+    }
+}
diff --git a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
new file mode 100644
index 000000000000..1f5c53eb2bab
--- /dev/null
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
@@ -0,0 +1,40 @@
+package com.baeldung.springbootsecurity.form_login.configuration;
+
+import com.baeldung.springbootsecurity.form_login.security.CustomAuthenticationFailureHandler;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth
+                .inMemoryAuthentication()
+                .withUser("baeldung")
+                .password("baeldung")
+                .roles("USER");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                .anyRequest()
+                .authenticated()
+                .and()
+                .formLogin()
+                .failureHandler(customAuthenticationFailureHandler());
+    }
+
+    @Bean
+    public AuthenticationFailureHandler customAuthenticationFailureHandler() {
+        return new CustomAuthenticationFailureHandler();
+    }
+}
diff --git a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java
new file mode 100644
index 000000000000..2617c1f475d6
--- /dev/null
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java
@@ -0,0 +1,28 @@
+package com.baeldung.springbootsecurity.form_login.security;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Calendar;
+import java.util.HashMap;
+import java.util.Map;
+
+public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
+    private final ObjectMapper objectMapper = new ObjectMapper();
+
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
+        response.setStatus(HttpStatus.UNAUTHORIZED.value());
+        Map<String, Object> data = new HashMap<>();
+        data.put("timestamp", Calendar.getInstance().getTime());
+        data.put("exception", exception.getMessage());
+
+        response.getOutputStream().println(objectMapper.writeValueAsString(data));
+    }
+}
diff --git a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java
new file mode 100644
index 000000000000..d5b5d8637b6c
--- /dev/null
+++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java
@@ -0,0 +1,87 @@
+package com.baeldung.springbootsecurity.form_login;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import javax.servlet.Filter;
+
+import static org.junit.Assert.assertTrue;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
+import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
+import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = com.baeldung.springbootsecurity.form_login.SpringBootSecurityApplication.class)
+public class FormLoginIntegrationTest {
+
+    @Autowired
+    private WebApplicationContext context;
+
+    @Autowired
+    private Filter springSecurityFilterChain;
+
+    private MockMvc mvc;
+
+    @Before
+    public void setup() {
+        mvc = MockMvcBuilders
+                .webAppContextSetup(context)
+                .addFilters(springSecurityFilterChain)
+                .build();
+    }
+
+    @Test
+    public void givenRequestWithoutSessionOrCsrfToken_shouldFailWith403() throws Exception {
+        mvc
+                .perform(post("/"))
+                .andExpect(status().isForbidden());
+    }
+
+    @Test
+    public void givenRequestWithInvalidCsrfToken_shouldFailWith403() throws Exception {
+        mvc
+                .perform(post("/").with(csrf().useInvalidToken()))
+                .andExpect(status().isForbidden());
+    }
+
+    @Test
+    public void givenRequestWithValidCsrfTokenAndWithoutSessionToken_shouldReceive302WithLocationHeaderToLoginPage() throws Exception {
+        MvcResult mvcResult = mvc.perform(post("/").with(csrf())).andReturn();
+        assertTrue(mvcResult.getResponse().getStatus() == 302);
+        assertTrue(mvcResult.getResponse().getHeader("Location").contains("login"));
+    }
+
+    @Test
+    public void givenValidRequestWithValidCredentials_shouldLoginSuccessfully() throws Exception {
+        mvc
+                .perform(formLogin().user("baeldung").password("baeldung"))
+                .andExpect(status().isFound())
+                .andExpect(redirectedUrl("/"))
+                .andExpect(authenticated().withUsername("baeldung"));
+    }
+
+    @Test
+    public void givenValidRequestWithInvalidCredentials_shouldFailWith401() throws Exception {
+        MvcResult result = mvc
+                .perform(formLogin().user("random").password("random"))
+                .andExpect(status().isUnauthorized())
+                .andDo(print())
+                .andExpect(unauthenticated())
+                .andReturn();
+
+        assertTrue(result.getResponse().getContentAsString().contains("Bad credentials"));
+    }
+}

From a9a0a3978ec55b695dbf073f768dbe831cf72621 Mon Sep 17 00:00:00 2001
From: db <danielgbarrigas@gmail.com>
Date: Sat, 14 Jul 2018 16:01:28 +0100
Subject: [PATCH 3/6] refactor

---
 spring-boot-security/pom.xml                  | 20 ++++---------
 .../configuration/SecurityConfiguration.java  | 29 ++++++++++++++++++-
 .../CustomAuthenticationFailureHandler.java   | 28 ------------------
 3 files changed, 33 insertions(+), 44 deletions(-)
 delete mode 100644 spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java

diff --git a/spring-boot-security/pom.xml b/spring-boot-security/pom.xml
index b10f8e6e47e0..130bd5223532 100644
--- a/spring-boot-security/pom.xml
+++ b/spring-boot-security/pom.xml
@@ -10,10 +10,9 @@
     <description>Spring Boot Security Auto-Configuration</description>
 
     <parent>
-        <groupId>org.springframework.boot</groupId>
-        <artifactId>spring-boot-starter-parent</artifactId>
-        <version>1.5.9.RELEASE</version>
-        <relativePath/> <!-- lookup parent from repository -->
+        <groupId>com.baeldung</groupId>
+        <artifactId>parent-modules</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
     </parent>
 
     <dependencyManagement>
@@ -21,7 +20,7 @@
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>1.5.9.RELEASE</version>
+                <version>${spring-boot.version}</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -68,16 +67,6 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>repackage</goal>
-                        </goals>
-                        <configuration> <!-- multiple main classes present, choose one -->
-                            <mainClass>com.baeldung.springbootsecurity.basic_auth.SpringBootSecurityApplication</mainClass>
-                        </configuration>
-                    </execution>
-                </executions>
             </plugin>
         </plugins>
     </build>
@@ -86,6 +75,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
+        <spring-boot.version>1.5.9.RELEASE</spring-boot.version>
     </properties>
 
 </project>
diff --git a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
index 1f5c53eb2bab..6ab522ef0084 100644
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
@@ -1,14 +1,24 @@
 package com.baeldung.springbootsecurity.form_login.configuration;
 
-import com.baeldung.springbootsecurity.form_login.security.CustomAuthenticationFailureHandler;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Calendar;
+import java.util.HashMap;
+import java.util.Map;
+
 @Configuration
 @EnableWebSecurity
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@@ -37,4 +47,21 @@ protected void configure(HttpSecurity http) throws Exception {
     public AuthenticationFailureHandler customAuthenticationFailureHandler() {
         return new CustomAuthenticationFailureHandler();
     }
+
+    /**
+     * Custom AuthenticationFailureHandler
+     */
+    public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
+        private final ObjectMapper objectMapper = new ObjectMapper();
+
+        @Override
+        public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
+            response.setStatus(HttpStatus.UNAUTHORIZED.value());
+            Map<String, Object> data = new HashMap<>();
+            data.put("timestamp", Calendar.getInstance().getTime());
+            data.put("exception", exception.getMessage());
+
+            response.getOutputStream().println(objectMapper.writeValueAsString(data));
+        }
+    }
 }
diff --git a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java
deleted file mode 100644
index 2617c1f475d6..000000000000
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/security/CustomAuthenticationFailureHandler.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package com.baeldung.springbootsecurity.form_login.security;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import org.springframework.http.HttpStatus;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Calendar;
-import java.util.HashMap;
-import java.util.Map;
-
-public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
-    private final ObjectMapper objectMapper = new ObjectMapper();
-
-    @Override
-    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
-        response.setStatus(HttpStatus.UNAUTHORIZED.value());
-        Map<String, Object> data = new HashMap<>();
-        data.put("timestamp", Calendar.getInstance().getTime());
-        data.put("exception", exception.getMessage());
-
-        response.getOutputStream().println(objectMapper.writeValueAsString(data));
-    }
-}

From f18ad815a3af6666e4b7ca2c62401e0e5d59fb43 Mon Sep 17 00:00:00 2001
From: db <danielgbarrigas@gmail.com>
Date: Sat, 14 Jul 2018 16:10:57 +0100
Subject: [PATCH 4/6] moved SSE to branch

---
 .../sse/controller/EventController.java       | 26 ------------
 .../reactive/sse/model/EventSubscription.java | 22 ----------
 .../service/EventSubscriptionsService.java    | 41 -------------------
 .../service/emitter/DateEmitterService.java   | 27 ------------
 .../src/main/resources/static/app.js          | 36 ----------------
 .../src/main/resources/static/sse-index.html  | 19 ---------
 .../reactive/sse/ServerSentEventsTest.java    | 39 ------------------
 7 files changed, 210 deletions(-)
 delete mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java
 delete mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java
 delete mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java
 delete mode 100644 spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java
 delete mode 100644 spring-5-reactive/src/main/resources/static/app.js
 delete mode 100644 spring-5-reactive/src/main/resources/static/sse-index.html
 delete mode 100644 spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java

diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java
deleted file mode 100644
index e692aa3a743a..000000000000
--- a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/controller/EventController.java
+++ /dev/null
@@ -1,26 +0,0 @@
-package com.baeldung.reactive.sse.controller;
-
-
-import com.baeldung.reactive.sse.service.EventSubscriptionsService;
-import org.springframework.http.MediaType;
-import org.springframework.http.codec.ServerSentEvent;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RestController;
-import reactor.core.publisher.Flux;
-
-@RestController
-public class EventController {
-
-    private EventSubscriptionsService eventSubscriptionsService;
-
-    public EventController(EventSubscriptionsService eventSubscriptionsService) {
-        this.eventSubscriptionsService = eventSubscriptionsService;
-    }
-
-    @GetMapping(
-            produces = MediaType.TEXT_EVENT_STREAM_VALUE,
-            value = "/sse/events")
-    public Flux<ServerSentEvent> events() {
-        return eventSubscriptionsService.subscribe();
-    }
-}
diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java
deleted file mode 100644
index 4d3ce27156b0..000000000000
--- a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/model/EventSubscription.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package com.baeldung.reactive.sse.model;
-
-import org.springframework.http.codec.ServerSentEvent;
-import reactor.core.publisher.DirectProcessor;
-import reactor.core.publisher.Flux;
-
-public class EventSubscription {
-
-    private DirectProcessor<ServerSentEvent> directProcessor;
-
-    public EventSubscription() {
-        this.directProcessor = DirectProcessor.create();
-    }
-
-    public void emit(ServerSentEvent e) {
-        directProcessor.onNext(e);
-    }
-
-    public Flux<ServerSentEvent> subscribe() {
-        return directProcessor;
-    }
-}
diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java
deleted file mode 100644
index f245ce61845b..000000000000
--- a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/EventSubscriptionsService.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package com.baeldung.reactive.sse.service;
-
-import com.baeldung.reactive.sse.model.EventSubscription;
-import org.springframework.http.codec.ServerSentEvent;
-import org.springframework.stereotype.Service;
-import reactor.core.publisher.Flux;
-
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-import java.util.UUID;
-
-@Service
-public class EventSubscriptionsService {
-
-    private List<EventSubscription> listeners;
-
-    public EventSubscriptionsService() {
-        this.listeners = new ArrayList<>();
-    }
-
-    public Flux<ServerSentEvent> subscribe() {
-        EventSubscription e = new EventSubscription();
-        listeners.add(e);
-
-        return e.subscribe();
-    }
-
-    public void sendDateEvent(Date date) {
-        for (EventSubscription e : listeners) {
-            try {
-                e.emit(ServerSentEvent.builder(date)
-                        .event("date")
-                        .id(UUID.randomUUID().toString())
-                        .build());
-            } catch (Exception ex) {
-                listeners.remove(e);
-            }
-        }
-    }
-}
diff --git a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java b/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java
deleted file mode 100644
index 29b70865dcb7..000000000000
--- a/spring-5-reactive/src/main/java/com/baeldung/reactive/sse/service/emitter/DateEmitterService.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package com.baeldung.reactive.sse.service.emitter;
-
-import com.baeldung.reactive.sse.service.EventSubscriptionsService;
-import org.springframework.stereotype.Service;
-import reactor.core.publisher.Flux;
-
-import javax.annotation.PostConstruct;
-import java.time.Duration;
-import java.util.Date;
-import java.util.stream.Stream;
-
-@Service
-public class DateEmitterService {
-
-    private EventSubscriptionsService eventSubscriptionsService;
-
-    public DateEmitterService(EventSubscriptionsService eventSubscriptionsService) {
-        this.eventSubscriptionsService = eventSubscriptionsService;
-    }
-
-    @PostConstruct
-    public void init() {
-        Flux.fromStream(Stream.generate(Date::new))
-                .delayElements(Duration.ofSeconds(1))
-                .subscribe(data -> eventSubscriptionsService.sendDateEvent(new Date()));
-    }
-}
diff --git a/spring-5-reactive/src/main/resources/static/app.js b/spring-5-reactive/src/main/resources/static/app.js
deleted file mode 100644
index 2af2ae584419..000000000000
--- a/spring-5-reactive/src/main/resources/static/app.js
+++ /dev/null
@@ -1,36 +0,0 @@
-let Clock = React.createClass({
-
-    getInitialState: function() {
-        const self = this;
-        const ev = new EventSource("http://localhost:8080/sse/events");
-
-        self.setState({currentDate : moment(new Date()).format("MMMM Do YYYY, h:mm:ss a")});
-
-        ev.addEventListener("date", function(e) {
-            self.setState({currentDate :  moment(JSON.parse(e.data).date).format("MMMM Do YYYY, h:mm:ss a")});
-        }, false);
-
-        return {currentDate: moment(new Date()).format("MMMM Do YYYY, h:mm:ss a") };
-    },
-
-    render() {
-        return (
-            <p>
-                Current time: {this.state.currentDate}
-            </p>
-        );
-    }
-
-});
-
-let App = React.createClass({
-    render() {
-        return (
-            <div>
-                <Clock/>
-            </div>
-        );
-    }
-});
-
-ReactDOM.render(<App />, document.getElementById('root') );
\ No newline at end of file
diff --git a/spring-5-reactive/src/main/resources/static/sse-index.html b/spring-5-reactive/src/main/resources/static/sse-index.html
deleted file mode 100644
index 875c8176af00..000000000000
--- a/spring-5-reactive/src/main/resources/static/sse-index.html
+++ /dev/null
@@ -1,19 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
-    <title>React + Spring</title>
-</head>
-
-<body>
-<div id="root"></div>
-
-<script src="https://unpkg.com/react@15/dist/react.min.js"></script>
-<script src="https://unpkg.com/react-dom@15/dist/react-dom.min.js"></script>
-<script src="https://cdnjs.cloudflare.com/ajax/libs/babel-core/5.8.24/browser.min.js"></script>
-<script src="https://unpkg.com/moment@2.22.2/moment.js"></script>
-
-<script type="text/babel" src="app.js"></script>
-</body>
-
-</html>
\ No newline at end of file
diff --git a/spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java b/spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java
deleted file mode 100644
index 48e8c23c37e5..000000000000
--- a/spring-5-reactive/src/test/java/com/baeldung/reactive/sse/ServerSentEventsTest.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package com.baeldung.reactive.sse;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.test.context.junit4.SpringRunner;
-import org.springframework.test.web.reactive.server.WebTestClient;
-
-@RunWith(SpringRunner.class)
-@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
-public class ServerSentEventsTest {
-
-    @Autowired
-    private WebTestClient webClient;
-
-    @Test
-    public void contextLoads() {
-    }
-
-    @Test
-    public void givenValidRequest_shouldReceiveOk() throws Exception {
-
-        webClient.get().uri("/events").accept(MediaType.TEXT_EVENT_STREAM)
-                .exchange()
-                .expectStatus().isOk();
-    }
-
-    @Test
-    public void givenInvalidHttpVerb_shouldReceiveMethodNotAllowedError() throws Exception {
-
-        webClient.post().uri("/events").accept(MediaType.TEXT_EVENT_STREAM)
-                .exchange()
-                .expectStatus().isEqualTo(HttpStatus.METHOD_NOT_ALLOWED);
-    }
-
-}

From 509998a7c6b769ee4ff66bbe352d6b9afef47181 Mon Sep 17 00:00:00 2001
From: db <danielgbarrigas@gmail.com>
Date: Sun, 15 Jul 2018 09:24:32 +0100
Subject: [PATCH 5/6] remove pom properties

---
 spring-boot-security/pom.xml | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/spring-boot-security/pom.xml b/spring-boot-security/pom.xml
index 130bd5223532..1f904d0a673a 100644
--- a/spring-boot-security/pom.xml
+++ b/spring-boot-security/pom.xml
@@ -72,9 +72,6 @@
     </build>
 
     <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-        <java.version>1.8</java.version>
         <spring-boot.version>1.5.9.RELEASE</spring-boot.version>
     </properties>
 

From aa0af30497bfc2b8699ba5a890d6ba6494f441d6 Mon Sep 17 00:00:00 2001
From: db <danielgbarrigas@gmail.com>
Date: Wed, 18 Jul 2018 12:40:56 +0100
Subject: [PATCH 6/6] moved AuthenticationFailureHandler example to
 spring-security-mvc-login

---
 .../SpringBootSecurityApplication.java        | 12 ---
 .../configuration/SecurityConfiguration.java  | 67 --------------
 .../form_login/FormLoginIntegrationTest.java  | 87 -------------------
 .../form_login/FormLoginUnitTest.java         | 87 -------------------
 .../CustomAuthenticationFailureHandler.java   | 22 +++++
 .../baeldung/spring/SecSecurityConfig.java    | 51 ++++++-----
 .../src/main/resources/webSecurityConfig.xml  |  8 +-
 .../baeldung/security/FormLoginUnitTest.java  | 63 ++++++++++++++
 8 files changed, 119 insertions(+), 278 deletions(-)
 delete mode 100644 spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java
 delete mode 100644 spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
 delete mode 100644 spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java
 delete mode 100644 spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginUnitTest.java
 create mode 100644 spring-security-mvc-login/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java
 create mode 100644 spring-security-mvc-login/src/test/java/org/baeldung/security/FormLoginUnitTest.java

diff --git a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java
deleted file mode 100644
index 9f4796e1f912..000000000000
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/SpringBootSecurityApplication.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package com.baeldung.springbootsecurity.form_login;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.form_login")
-public class SpringBootSecurityApplication {
-
-    public static void main(String[] args) {
-        SpringApplication.run(SpringBootSecurityApplication.class, args);
-    }
-}
diff --git a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
deleted file mode 100644
index 6ab522ef0084..000000000000
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/form_login/configuration/SecurityConfiguration.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package com.baeldung.springbootsecurity.form_login.configuration;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpStatus;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Calendar;
-import java.util.HashMap;
-import java.util.Map;
-
-@Configuration
-@EnableWebSecurity
-public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth
-                .inMemoryAuthentication()
-                .withUser("baeldung")
-                .password("baeldung")
-                .roles("USER");
-    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http
-                .authorizeRequests()
-                .anyRequest()
-                .authenticated()
-                .and()
-                .formLogin()
-                .failureHandler(customAuthenticationFailureHandler());
-    }
-
-    @Bean
-    public AuthenticationFailureHandler customAuthenticationFailureHandler() {
-        return new CustomAuthenticationFailureHandler();
-    }
-
-    /**
-     * Custom AuthenticationFailureHandler
-     */
-    public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
-        private final ObjectMapper objectMapper = new ObjectMapper();
-
-        @Override
-        public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
-            response.setStatus(HttpStatus.UNAUTHORIZED.value());
-            Map<String, Object> data = new HashMap<>();
-            data.put("timestamp", Calendar.getInstance().getTime());
-            data.put("exception", exception.getMessage());
-
-            response.getOutputStream().println(objectMapper.writeValueAsString(data));
-        }
-    }
-}
diff --git a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java
deleted file mode 100644
index d5b5d8637b6c..000000000000
--- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginIntegrationTest.java
+++ /dev/null
@@ -1,87 +0,0 @@
-package com.baeldung.springbootsecurity.form_login;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringRunner;
-import org.springframework.test.web.servlet.MockMvc;
-import org.springframework.test.web.servlet.MvcResult;
-import org.springframework.test.web.servlet.setup.MockMvcBuilders;
-import org.springframework.web.context.WebApplicationContext;
-
-import javax.servlet.Filter;
-
-import static org.junit.Assert.assertTrue;
-import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
-import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
-import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
-import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-
-@RunWith(SpringRunner.class)
-@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = com.baeldung.springbootsecurity.form_login.SpringBootSecurityApplication.class)
-public class FormLoginIntegrationTest {
-
-    @Autowired
-    private WebApplicationContext context;
-
-    @Autowired
-    private Filter springSecurityFilterChain;
-
-    private MockMvc mvc;
-
-    @Before
-    public void setup() {
-        mvc = MockMvcBuilders
-                .webAppContextSetup(context)
-                .addFilters(springSecurityFilterChain)
-                .build();
-    }
-
-    @Test
-    public void givenRequestWithoutSessionOrCsrfToken_shouldFailWith403() throws Exception {
-        mvc
-                .perform(post("/"))
-                .andExpect(status().isForbidden());
-    }
-
-    @Test
-    public void givenRequestWithInvalidCsrfToken_shouldFailWith403() throws Exception {
-        mvc
-                .perform(post("/").with(csrf().useInvalidToken()))
-                .andExpect(status().isForbidden());
-    }
-
-    @Test
-    public void givenRequestWithValidCsrfTokenAndWithoutSessionToken_shouldReceive302WithLocationHeaderToLoginPage() throws Exception {
-        MvcResult mvcResult = mvc.perform(post("/").with(csrf())).andReturn();
-        assertTrue(mvcResult.getResponse().getStatus() == 302);
-        assertTrue(mvcResult.getResponse().getHeader("Location").contains("login"));
-    }
-
-    @Test
-    public void givenValidRequestWithValidCredentials_shouldLoginSuccessfully() throws Exception {
-        mvc
-                .perform(formLogin().user("baeldung").password("baeldung"))
-                .andExpect(status().isFound())
-                .andExpect(redirectedUrl("/"))
-                .andExpect(authenticated().withUsername("baeldung"));
-    }
-
-    @Test
-    public void givenValidRequestWithInvalidCredentials_shouldFailWith401() throws Exception {
-        MvcResult result = mvc
-                .perform(formLogin().user("random").password("random"))
-                .andExpect(status().isUnauthorized())
-                .andDo(print())
-                .andExpect(unauthenticated())
-                .andReturn();
-
-        assertTrue(result.getResponse().getContentAsString().contains("Bad credentials"));
-    }
-}
diff --git a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginUnitTest.java b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginUnitTest.java
deleted file mode 100644
index d518f3b0c229..000000000000
--- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/form_login/FormLoginUnitTest.java
+++ /dev/null
@@ -1,87 +0,0 @@
-package com.baeldung.springbootsecurity.form_login;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringRunner;
-import org.springframework.test.web.servlet.MockMvc;
-import org.springframework.test.web.servlet.MvcResult;
-import org.springframework.test.web.servlet.setup.MockMvcBuilders;
-import org.springframework.web.context.WebApplicationContext;
-
-import javax.servlet.Filter;
-
-import static org.junit.Assert.assertTrue;
-import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
-import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
-import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
-import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-
-@RunWith(SpringRunner.class)
-@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = com.baeldung.springbootsecurity.form_login.SpringBootSecurityApplication.class)
-public class FormLoginUnitTest {
-
-    @Autowired
-    private WebApplicationContext context;
-
-    @Autowired
-    private Filter springSecurityFilterChain;
-
-    private MockMvc mvc;
-
-    @Before
-    public void setup() {
-        mvc = MockMvcBuilders
-                .webAppContextSetup(context)
-                .addFilters(springSecurityFilterChain)
-                .build();
-    }
-
-    @Test
-    public void givenRequestWithoutSessionOrCsrfToken_shouldFailWith403() throws Exception {
-        mvc
-                .perform(post("/"))
-                .andExpect(status().isForbidden());
-    }
-
-    @Test
-    public void givenRequestWithInvalidCsrfToken_shouldFailWith403() throws Exception {
-        mvc
-                .perform(post("/").with(csrf().useInvalidToken()))
-                .andExpect(status().isForbidden());
-    }
-
-    @Test
-    public void givenRequestWithValidCsrfTokenAndWithoutSessionToken_shouldReceive302WithLocationHeaderToLoginPage() throws Exception {
-        MvcResult mvcResult = mvc.perform(post("/").with(csrf())).andReturn();
-        assertTrue(mvcResult.getResponse().getStatus() == 302);
-        assertTrue(mvcResult.getResponse().getHeader("Location").contains("login"));
-    }
-
-    @Test
-    public void givenValidRequestWithValidCredentials_shouldLoginSuccessfully() throws Exception {
-        mvc
-                .perform(formLogin().user("baeldung").password("baeldung"))
-                .andExpect(status().isFound())
-                .andExpect(redirectedUrl("/"))
-                .andExpect(authenticated().withUsername("baeldung"));
-    }
-
-    @Test
-    public void givenValidRequestWithInvalidCredentials_shouldFailWith401() throws Exception {
-        MvcResult result = mvc
-                .perform(formLogin().user("random").password("random"))
-                .andExpect(status().isUnauthorized())
-                .andDo(print())
-                .andExpect(unauthenticated())
-                .andReturn();
-
-        assertTrue(result.getResponse().getContentAsString().contains("Bad credentials"));
-    }
-}
diff --git a/spring-security-mvc-login/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java b/spring-security-mvc-login/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java
new file mode 100644
index 000000000000..5eddf3883e70
--- /dev/null
+++ b/spring-security-mvc-login/src/main/java/org/baeldung/security/CustomAuthenticationFailureHandler.java
@@ -0,0 +1,22 @@
+package org.baeldung.security;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Calendar;
+
+public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
+
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException {
+        httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
+
+        String jsonPayload = "{\"message\" : \"%s\", \"timestamp\" : \"%s\" }";
+        httpServletResponse.getOutputStream().println(String.format(jsonPayload, e.getMessage(), Calendar.getInstance().getTime()));
+    }
+}
diff --git a/spring-security-mvc-login/src/main/java/org/baeldung/spring/SecSecurityConfig.java b/spring-security-mvc-login/src/main/java/org/baeldung/spring/SecSecurityConfig.java
index d9a43d48d09a..accc7c9afd35 100644
--- a/spring-security-mvc-login/src/main/java/org/baeldung/spring/SecSecurityConfig.java
+++ b/spring-security-mvc-login/src/main/java/org/baeldung/spring/SecSecurityConfig.java
@@ -1,6 +1,7 @@
 package org.baeldung.spring;
 
 import org.baeldung.security.CustomAccessDeniedHandler;
+import org.baeldung.security.CustomAuthenticationFailureHandler;
 import org.baeldung.security.CustomLogoutSuccessHandler;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -10,6 +11,7 @@
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
 
 @Configuration
@@ -26,11 +28,11 @@ public SecSecurityConfig() {
     protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
         // @formatter:off
         auth.inMemoryAuthentication()
-        .withUser("user1").password("user1Pass").roles("USER")
-        .and()
-        .withUser("user2").password("user2Pass").roles("USER")
-        .and()
-        .withUser("admin").password("adminPass").roles("ADMIN");
+                .withUser("user1").password("user1Pass").roles("USER")
+                .and()
+                .withUser("user2").password("user2Pass").roles("USER")
+                .and()
+                .withUser("admin").password("adminPass").roles("ADMIN");
         // @formatter:on
     }
 
@@ -38,23 +40,24 @@ protected void configure(final AuthenticationManagerBuilder auth) throws Excepti
     protected void configure(final HttpSecurity http) throws Exception {
         // @formatter:off
         http
-        .csrf().disable()
-        .authorizeRequests()
-        .antMatchers("/admin/**").hasRole("ADMIN")
-        .antMatchers("/anonymous*").anonymous()
-        .antMatchers("/login*").permitAll()
-        .anyRequest().authenticated()
-        .and()
-        .formLogin()
-        .loginPage("/login.html")
-        .loginProcessingUrl("/perform_login")
-        .defaultSuccessUrl("/homepage.html",true)
-        .failureUrl("/login.html?error=true")
-        .and()
-        .logout()
-        .logoutUrl("/perform_logout")
-        .deleteCookies("JSESSIONID")
-        .logoutSuccessHandler(logoutSuccessHandler());
+                .csrf().disable()
+                .authorizeRequests()
+                .antMatchers("/admin/**").hasRole("ADMIN")
+                .antMatchers("/anonymous*").anonymous()
+                .antMatchers("/login*").permitAll()
+                .anyRequest().authenticated()
+                .and()
+                .formLogin()
+                .loginPage("/login.html")
+                .loginProcessingUrl("/perform_login")
+                .defaultSuccessUrl("/homepage.html", true)
+                //.failureUrl("/login.html?error=true")
+                .failureHandler(authenticationFailureHandler())
+                .and()
+                .logout()
+                .logoutUrl("/perform_logout")
+                .deleteCookies("JSESSIONID")
+                .logoutSuccessHandler(logoutSuccessHandler());
         //.and()
         //.exceptionHandling().accessDeniedPage("/accessDenied");
         //.exceptionHandling().accessDeniedHandler(accessDeniedHandler());
@@ -71,4 +74,8 @@ public AccessDeniedHandler accessDeniedHandler() {
         return new CustomAccessDeniedHandler();
     }
 
+    @Bean
+    public AuthenticationFailureHandler authenticationFailureHandler() {
+        return new CustomAuthenticationFailureHandler();
+    }
 }
diff --git a/spring-security-mvc-login/src/main/resources/webSecurityConfig.xml b/spring-security-mvc-login/src/main/resources/webSecurityConfig.xml
index f0fa9569343f..189522889f01 100644
--- a/spring-security-mvc-login/src/main/resources/webSecurityConfig.xml
+++ b/spring-security-mvc-login/src/main/resources/webSecurityConfig.xml
@@ -15,20 +15,22 @@
 
         <csrf disabled="true"/>
 
-        <form-login login-page='/login.html' login-processing-url="/perform_login" default-target-url="/homepage.html" authentication-failure-url="/login.html?error=true"
-            always-use-default-target="true"/>
+        <form-login login-page='/login.html' login-processing-url="/perform_login" default-target-url="/homepage.html"
+            always-use-default-target="true" authentication-failure-handler-ref="authenticationFailureHandler"/>
 
         <logout logout-url="/perform_logout" delete-cookies="JSESSIONID" success-handler-ref="customLogoutSuccessHandler"/>
 
         <!-- <access-denied-handler error-page="/accessDenied"/> -->
         <access-denied-handler ref="customAccessDeniedHandler"/>
-    	
+
     </http>
 
     <beans:bean name="customLogoutSuccessHandler" class="org.baeldung.security.CustomLogoutSuccessHandler"/>
 
     <beans:bean name="customAccessDeniedHandler" class="org.baeldung.security.CustomAccessDeniedHandler" />
 
+    <beans:bean id="authenticationFailureHandler" name="customAuthenticationFaiureHandler" class="org.baeldung.security.CustomAuthenticationFailureHandler"/>
+
     <authentication-manager>
         <authentication-provider>
             <user-service>
diff --git a/spring-security-mvc-login/src/test/java/org/baeldung/security/FormLoginUnitTest.java b/spring-security-mvc-login/src/test/java/org/baeldung/security/FormLoginUnitTest.java
new file mode 100644
index 000000000000..4b3a091e6c01
--- /dev/null
+++ b/spring-security-mvc-login/src/test/java/org/baeldung/security/FormLoginUnitTest.java
@@ -0,0 +1,63 @@
+package org.baeldung.security;
+
+import org.baeldung.spring.SecSecurityConfig;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import javax.servlet.Filter;
+
+import static org.junit.Assert.assertTrue;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
+import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(classes = {SecSecurityConfig.class})
+@WebAppConfiguration
+public class FormLoginUnitTest {
+
+    @Autowired
+    private WebApplicationContext context;
+
+    @Autowired
+    private Filter springSecurityFilterChain;
+
+    private MockMvc mvc;
+
+    @Before
+    public void setup() {
+        mvc = MockMvcBuilders
+                .webAppContextSetup(context)
+                .addFilters(springSecurityFilterChain)
+                .build();
+    }
+
+    @Test
+    public void givenValidRequestWithValidCredentials_shouldLoginSuccessfully() throws Exception {
+        mvc
+                .perform(formLogin("/perform_login").user("user1").password("user1Pass"))
+                .andExpect(status().isFound())
+                .andExpect(authenticated().withUsername("user1"));
+    }
+
+    @Test
+    public void givenValidRequestWithInvalidCredentials_shouldFailWith401() throws Exception {
+        MvcResult result = mvc
+                .perform(formLogin("/perform_login").user("random").password("random")).andReturn();
+                /*.andExpect(status().isUnauthorized())
+                .andDo(print())
+                .andExpect(unauthenticated())
+                .andReturn();*/
+
+        assertTrue(result.getResponse().getContentAsString().contains("Bad credentials"));
+    }
+}