protected boolean onLoginFailure(Account account, AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
String username = usernamePasswordToken.getUsername();
request.setAttribute(KEY_AUTH_USERNAME_VALUE, username);
if (e instanceof CaptchaValidationException) {
request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE);
} else if (e instanceof AuthenticationException) {
if (account != null) {
account.setLastFailureTimes(account.getLastFailureTimes() + 1);
account.setLogonFailureTimes(account.getLogonFailureTimes() + 1);
account.setLastLogonFailureTime(DateUtils.currentDateTime());
account.setLogonFailureTimes(account.getLogonFailureTimes() + 1);
accountService.save(account);
if (account.getLogonFailureTimes() > LOGON_FAILURE_LIMIT) {
request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE);
}
}
}
return super.onLoginFailure(token, e, request, response);
}