diff --git a/zlt-uaa/src/main/java/com/central/oauth/config/SecurityConfig.java b/zlt-uaa/src/main/java/com/central/oauth/config/SecurityConfig.java
index 85f06694c869ffad59a7c3f631db497bd0751478..874cdf5a42f95783a3566fd1eb74425cdaec5ff8 100644
--- a/zlt-uaa/src/main/java/com/central/oauth/config/SecurityConfig.java
+++ b/zlt-uaa/src/main/java/com/central/oauth/config/SecurityConfig.java
@@ -18,7 +18,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.LogoutHandler;
@@ -37,8 +36,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 	@Autowired
 	private AuthenticationSuccessHandler authenticationSuccessHandler;
-	@Autowired
-	private AuthenticationFailureHandler authenticationFailureHandler;
 
 	@Autowired(required = false)
 	private AuthenticationEntryPoint authenticationEntryPoint;
@@ -82,7 +79,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                     .loginPage(SecurityConstants.LOGIN_PAGE)
                     .loginProcessingUrl(SecurityConstants.OAUTH_LOGIN_PRO_URL)
                     .successHandler(authenticationSuccessHandler)
-                    .failureHandler(authenticationFailureHandler)
                     .and()
 				.logout()
 					.logoutUrl(SecurityConstants.LOGOUT_URL)
diff --git a/zlt-uaa/src/main/java/com/central/oauth/config/SecurityHandlerConfig.java b/zlt-uaa/src/main/java/com/central/oauth/config/SecurityHandlerConfig.java
index 176299253db8aad39af8ecca0a19bbd34881c75c..2867ac18b1b1375eed461d03be489a224ae4d16b 100644
--- a/zlt-uaa/src/main/java/com/central/oauth/config/SecurityHandlerConfig.java
+++ b/zlt-uaa/src/main/java/com/central/oauth/config/SecurityHandlerConfig.java
@@ -1,24 +1,18 @@
 package com.central.oauth.config;
 
-import com.central.common.utils.ResponseUtil;
 import com.central.oauth.handler.OauthLogoutHandler;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.common.exceptions.*;
 import org.springframework.security.oauth2.provider.error.DefaultWebResponseExceptionTranslator;
 import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 
-import javax.annotation.Resource;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -32,25 +26,6 @@ import java.io.IOException;
 @Slf4j
 @Configuration
 public class SecurityHandlerConfig {
-    @Resource
-    private ObjectMapper objectMapper;
-
-    /**
-     * 登陆失败，返回401
-     */
-    @Bean
-    public AuthenticationFailureHandler loginFailureHandler() {
-        return (request, response, exception) -> {
-            String msg;
-            if (exception instanceof BadCredentialsException) {
-                msg = "密码错误";
-            } else {
-                msg = exception.getMessage();
-            }
-            ResponseUtil.responseWriter(objectMapper, response, msg, HttpStatus.UNAUTHORIZED.value());
-        };
-    }
-
     @Bean
     public OauthLogoutHandler oauthLogoutHandler() {
         return new OauthLogoutHandler();
diff --git a/zlt-uaa/src/main/java/com/central/oauth/filter/ValidateCodeFilter.java b/zlt-uaa/src/main/java/com/central/oauth/filter/ValidateCodeFilter.java
index e6729ea3cd68c3bd16490464207dde84201774e9..80fe795d1660ffbc935172cac12d455766ae8763 100644
--- a/zlt-uaa/src/main/java/com/central/oauth/filter/ValidateCodeFilter.java
+++ b/zlt-uaa/src/main/java/com/central/oauth/filter/ValidateCodeFilter.java
@@ -1,17 +1,20 @@
 package com.central.oauth.filter;
 
 import com.central.common.constant.SecurityConstants;
+import com.central.common.utils.ResponseUtil;
 import com.central.oauth.exception.ValidateCodeException;
 import com.central.oauth.service.IValidateCodeService;
 import com.central.oauth2.common.properties.SecurityProperties;
 import com.central.oauth2.common.util.AuthUtils;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
 import org.springframework.util.AntPathMatcher;
 import org.springframework.web.filter.OncePerRequestFilter;
 
+import javax.annotation.Resource;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -31,11 +34,8 @@ public class ValidateCodeFilter extends OncePerRequestFilter {
     @Autowired
     private SecurityProperties securityProperties;
 
-    /**
-     * 验证码校验失败处理器
-     */
-    @Autowired
-    private AuthenticationFailureHandler authenticationFailureHandler;
+    @Resource
+    private ObjectMapper objectMapper;
 
     /**
      * 验证请求url与配置的url是否匹配的工具类
@@ -73,7 +73,7 @@ public class ValidateCodeFilter extends OncePerRequestFilter {
         try {
             validateCodeService.validate(request);
         } catch (ValidateCodeException e) {
-            authenticationFailureHandler.onAuthenticationFailure(request, response, e);
+            ResponseUtil.responseWriter(objectMapper, response, e.getMessage(), HttpStatus.BAD_REQUEST.value());
             return;
         }
         chain.doFilter(request, response);
diff --git a/zlt-uaa/src/main/resources/static/js/common.js b/zlt-uaa/src/main/resources/static/js/common.js
index 79fbd8e7dec51342a15f3fda79b25af49a1ccf23..caffc5e01c2faee34fef9ae7a6280ba021efe583 100644
--- a/zlt-uaa/src/main/resources/static/js/common.js
+++ b/zlt-uaa/src/main/resources/static/js/common.js
@@ -34,4 +34,9 @@ $(function(){
 			$(this).parent().next().hide();
 		}
 	});
+
+	let query = location.search;
+	if (query === '?error') {
+		$('#loginError').show();
+	}
 });
\ No newline at end of file
diff --git a/zlt-uaa/src/main/resources/static/login.html b/zlt-uaa/src/main/resources/static/login.html
index 6802f4085574eeb8b231123cc794aaac8d31ebd7..a1c0453ce0c6c44991af577073b4e3171bbbbd81 100644
--- a/zlt-uaa/src/main/resources/static/login.html
+++ b/zlt-uaa/src/main/resources/static/login.html
@@ -30,6 +30,7 @@
                     <div class="form_btn">
                         <button type="submit">登录</button>
                     </div>
+                    <div id="loginError" class="ececk_warning" style="text-align: center;"><span>用户名或密码错误</span></div>
                     <div class="form_reg_btn">
                         <!--span>还没有帐号？</span><a href="/register">马上注册</a-->
                         &nbsp;