Hi all. I�m having a problem with tomcat 4.0 and form based authentication. When I�m providing an existing username/password, that is one that exists in the database or the tomcat-users.xml (I have tried both memory and JDBC Realm), but has a role that is not allowed to view the page, the browser displays hid default �403� page instead of the error page that I constructed (<form-error-page>/error.jsp</form-error-page>). Note, however, that it displays my form-error-page correctly when I provide an invalid username/password (not in the database or tomcat-users.xml at all), or a wrong password. I am using tomcat 4.0 on Win2000 and I have tried both the stand-alone server and the NT service. I have also tried the tomcat4.0\webapps\examples\jsp\security\protected\index.jsp after I have commented out the �<role-name>role1</role-name>� in the tomcat4.0\webapps\examples\WEB-INF\web.xml file (to make sure that is not my program with the problem). Then I tried to login as the user role1 providing the correct password and the browser displayed the default error page again instead of the form-error-page. Why is that? -George
-- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
