要在身份验证失败的情况下显示登录页面，您应该在<access-denied-handler error-page="/login.jsp"/>和<intercept-url pattern="/*Login*" access="hasRole('ROLE_ANONYMOUS')"/>

To show the login page in case the authentication failed you should have the same url in the <access-denied-handler error-page="/login.jsp"/> and the <intercept-url pattern="/*Login*" access="hasRole('ROLE_ANONYMOUS')"/>

例如:

<global-method-security secured-annotations="enabled" />

<http auto-config="true" access-denied-page="/app/sesiones/procesarLogin"> 
    <logout logout-success-url="/app/sesiones/login" />
    <form-login 
        authentication-failure-url="/app/sesiones/login?error=true"
        login-page="/app/sesiones/login" default-target-url="/app/sesiones/procesarLogin" />
    <intercept-url pattern="/app/privados/*" access="ROLE_USER" />
</http>

在该示例中，用户注销后也将重定向到登录页面. /procesarLogin是一种将用户发送到login.jsp页面的方法.

in that example, the user is also redirected to login page after he logs out. The /procesarLogin is a method that sent user lo login.jsp page.