Redirecting after Failure; Customizing the Target and Failure Request Parameters . Now, when the security system initiates the authentication process, it will redirect the user . This login form is currently not protected against CSRF attacks..