JIRA issue opened : https://issues.jasig.org/browse/CAS-1166

Le 20/08/2012 17:18, Philippe MARASSE a écrit :
Marvin,

I think I've found where the issue was : in the class org.jasig.cas.support.spnego.web.flow.SpnegoNegociateCredentialsAction, sending 401 message is done by response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); (line 82), according to javadoc, sendError should be used instead if we want error handling by tomcat. I've done a test, replacing this single line by :

          try {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                } catch (IOException e) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                }

and it seems to work... only with an error page that doesn't use sessions. unfortunately, the top.jsp included in errors.jsp uses sessions.

Should I open a Jira issue for this issue ?

Rgds.

Le 14/08/2012 14:59, Marvin Addison a écrit :
<error-page>
<error-code>401</error-code>
<location>/WEB-INF/view/jsp/err401.jsp</location>
</error-page>

And I wrote the matching jsp, but no luck... I always get the tomcat default
error page ?? Any idea ?
The above web.xml configuration should be sufficient to specify a
custom error page.  You might try to turn up internal Tomcat logging
to see if you get more information on the view resolution process.
Maybe it can't find the path or something.

M





--
Philippe MARASSE

Service Informatique - Centre Hospitalier Henri Laborit
BP 587 - 370 avenue Jacques Coeur
86021 Poitiers Cedex
Tel : 05.49.44.57.19


Attachment: smime.p7s
Description: Signature cryptographique S/MIME

Reply via email to