I am using Spring Security and would like to use authentication providers for 'one time password' and 'security questions'. The number of allowed failures for one time password and security questions is limited.
So far the authentication providers works fine but for the enduser it would be nice to know if he has typed in the wrong 'one time password' or the limit of allowed failures is exceeded. But I have only the possiblity to throw an AuthenticationException within my authentication provider.
Any ideas?
Thanks, Ralph