Resolution: Won't Fix
Affects Version/s: 2.0.4
Fix Version/s: 3.0.0 M1
Environment:SpringSecurity used as a servlet filter
SpringMVC with the LocaleChangeInterceptor
SpringSecurity assumes that the Locale present in the LocaleContextHolder is the prefered locale.
This is often not the case as the SpringSecurity filter is in general defined before let's say the spring mvc controller interceptors.
Actually, one of these interceptor, the LocaleChangeInterceptor sets the prefered locale for the current request.
Since this locale change occurs after SpringSecurity, SpringSecurity cannot take it into account when it resolves an error message such
as an invalid login or password.
As a result, the message displayed to the end use is not in the prefered locale.
Therefore, I think Spring Security should somehow also provide the message key (in the exception thrown ?) and let the view (ie jsp page)
resolve the message using the prefered locale.