Hi Ross, Simply adding an error page will not do. You need to have a servlet that will set the status of the response-page as "403" (HttpServletResponse.SC_UNAUTHORIZED)
Look at the code-implementation of Security-Filter. It's good. http://sf.net/projects/securityfilter HTH Happy Hacking, Gaurav Vaish http://www.mastergaurav.org --------------------------------- On Fri, 24 Sep 2004 09:33:13 -0500, Angelov, Rossen <[EMAIL PROTECTED]> wrote: > Hi, > We are running our applications on Tomcat 4 and 5. On both versions we are > having problems with the basic authentication. > > The problem is that I haven't found a way to overwrite the default 401 error > page with a custom page. > If I add an error-page element in web.xml for error 401 > <error-page> > <error-code>401</error-code> > <location>/err401.html</location> > </error-page> > then the username/password window is completely ignored and the err401.html > page displayed. > > I searched the archives and different forums but there are a lot of people > asking for help with similar problems without any responses. > I found two reported bugs related to that issue: 12194 and 22617 for tomcat > 3 and 4 > > I didn't find any bugs for tomcat 5 but it still not working for me. > > Any suggestions will be appreciated. > > Thanks, > Ross > > "This communication is intended solely for the addressee and is > confidential and not for third party unauthorized distribution." > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]