Spring Security Form Login authenticationFailureHandler is not used in ServerHttpSecurity

Summary

Use custom method when login fails, but authenticationFailureHandler method is invalid

Actual Behavior

Use the wrong user in the page at "/login",forward an authentication error page is "login?error".

Expected Behavior

Use the wrong user in the page at "/login",Execute my custom method.

Configuration

@EnableWebFluxSecurity
public class SecurityConfig {
@Autowired
    private AuthFailureHandler authFailureHandler;
@Bean
    SecurityWebFilterChain webFluxSecurityFilterChain(ServerHttpSecurity http){
        //
        http.authorizeExchange() 
                .and()
                .formLogin() 
                .authenticationFailureHandler(authFailureHandler); 
        return http.build();
    }
}

@Component
public class AuthFailureHandler implements ServerAuthenticationFailureHandler {
    private static final Logger logger = LoggerFactory.getLogger(AuthFailureHandler.class);
    @Override
    public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange, AuthenticationException e) {
        logger.info("Authentication Failure");
        return null;
    }
}

spring:
  security:
    user: 
      name: guest 
      password: 123

Version

5.2.1-RELEASE

Reference

public FormLoginSpec loginPage(String loginPage) {
            this.defaultEntryPoint = new RedirectServerAuthenticationEntryPoint(loginPage);
            this.authenticationEntryPoint = this.defaultEntryPoint;
            this.requiresAuthenticationMatcher = ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, loginPage);
            this.authenticationFailureHandler = new RedirectServerAuthenticationFailureHandler(loginPage + "?error");
            return this;
        }

Override authenticationFailureHandler value When build method of ServerHttpSecurity is executed 。

Comment From: eleftherias

Thanks for the report @lizz365. This is now fixed by 2937754.