If you want to send the retry message, then you'll need to add a 'Continue Processing' assertion as the last assertion in the 'All assertions must evaluate to true' folders so the policy continues to process.
If you do this, you can't display the messages you want to see in Step #2 (because you are continuing to process the policy). If you want to see the messages but you still want to retry, set a message to a context variable called retry.repsonse.
Include the ${retry.response} context variable in the Return Template for the retry option so you know the reason why you are retrying to authenticate.
