You should be able to control this from your form-error-page.
-----Original Message----- From: Summers, Bert W. [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 31, 2004 11:48 AM To: [EMAIL PROTECTED] Subject: form base auth with custom messages I am using form base authentication with web.xml security constraints. It works fine in that if you enter the correct username and password you get in. What I want to do is provide feedback to the user for certain conditions, such as password is expired and they can not login or about to expire and take them to the change password page. The password expire feature is done by tracking how long it has been since they changed it. Is there an easy way to make some extra checks and then control which page is shown after authentication or failed authentication? I am starting down the path of rewriting FormAuthenticator. The problem with this is that all my web apps must conform to this same approach. Prior to using the web.xml to enforce security my login servlet would make these checks and then redirect to the correct page. Thanks This electronic transmission is strictly confidential to Smith & Nephew and intended solely for the addressee. It may contain information which is covered by legal, professional or other privilege. If you are not the intended addressee, or someone authorized by the intended addressee to receive transmissions on behalf of the addressee, you must not retain, disclose in any form, copy or take any action in reliance on this transmission. If you have received this transmission in error, please notify the sender as soon as possible and destroy this message. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
