The attachment contains a proposed solution to the issue where you can not configure the 'exceptionMappings' on the AuthenticationProcessingFilter class via the namespace based configuration. The change does not effect any existing namespace configuration and is backwards compatible. The update will allow the following configuration within the http security element:
<security:exception-mapping exception="org.springframework.security.DisabledException" target-url="/accountDisabled.html" />
<security:exception-mapping exception="org.springframework.security.AccountExpiredException" target-url="/accountExpired.html" />
<security:exception-mapping exception="org.springframework.security.LockedException" target-url="/accountLocked.html" />
<security:exception-mapping exception="org.springframework.security.CredentialsExpiredException" target-url="/credentialsExpired.html" />
The update is based on the current 2.0.4 snapshot from svn and is valid as of the 24th of July 2008.
I would appreciate it if you would take a look at this and check the code in for the 2.0.4 release if you are happy with the code.