protected void onAuthenticationFailure(AbstractAuthenticationFailureEvent event) {
// on failure - principal is a username
String username = (String) event.getAuthentication().getPrincipal();
if (!StringUtils.isBlank(username)) {
Long orgId = organizationManager.getOrganization().getId();
User user = userDao.findUserByOrganizationAndUsername(orgId, username);
if (user != null) {
int loginFailureCount = user.getLoginFailureCount();
user.setLoginFailureCount(++loginFailureCount);
userDao.persist(user);
}
}
}