Cheers Craig. -George ----- Original Message ----- From: "Craig R. McClanahan" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Sunday, January 06, 2002 5:54 PM Subject: Re: <form-error-page> problem
On Sun, 6 Jan 2002, George Kakarontzas wrote: > Date: Sun, 6 Jan 2002 10:53:44 +0200 > From: George Kakarontzas <[EMAIL PROTECTED]> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: <form-error-page> problem > > Hi all. > I'm having a problem with tomcat 4.0 and form based authentication. > When I'm providing an existing username/password, that is one that exists in > the database or the tomcat-users.xml (I have tried both memory and JDBC > Realm), but has a role that is not allowed to view the page, the browser > displays hid default "403" page instead of the error page that I constructed > (<form-error-page>/error.jsp</form-error-page>). Note, however, that it > displays my form-error-page correctly when I provide an invalid > username/password (not in the database or tomcat-users.xml at all), or a > wrong password. > I am using tomcat 4.0 on Win2000 and I have tried both the stand-alone > server and the NT service. > I have also tried the > tomcat4.0\webapps\examples\jsp\security\protected\index.jsp after I have > commented out the "<role-name>role1</role-name>" in the > tomcat4.0\webapps\examples\WEB-INF\web.xml file (to make sure that is not my > program with the problem). Then I tried to login as the user role1 providing > the correct password and the browser displayed the default error page again > instead of the form-error-page. > Why is that? > -George > In Tomcat 4.0 and 4.0.1, there was a bug that made the app's own error pages not work for container-generated errors (such as the 403 from when you try to access a resource protected by a security constraint). This has been fixed in the upcoming 4.0.2 release. Craig -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
