I was looking at the JDBCRealm class provided with Tomcat 3.2.1. I noticed that it has a boolean authenticate() method that returns true when a username and password pair are valid. But when that method returns false, the int authenticate() method returns skips setting the remote user but still returns 0. How do you redirect someone to a login page using this method? What happens here - does tomcat just check to see if the remote user has been set and if not, it assumes that the login failed?
-Vijay
