I did some more research on this.  It looks like it was a Known Bug in
Tomcat 4.0.2, and it doesn't look like it has been fixed since then (I'm
using 4.0.4).  Tomcat developers, is there any patch or workaround known
for this?

I did some digging in the Tomcat source, and it looks like the html
error pages are generated by this valve:

org.apache.catalina.valves.ErrorReportValve

I could definitely edit that valve, putting in my own custom html, and
then recompile and redploy Catalina.  If there is no other way to fix
that, then that is what I'll do, but I would rather do this in some more
portable (and easier) way.

Any tips will be appreciated.  Thanks!

On Thu, 2002-09-05 at 13:01, Joe Tomcat wrote:
> I have written an filter that uses Basic Http authorization to control
> access to pages.  I want to be able to define a custom 401 error page to
> show users if they are unable to log in.  I should be able to do this by
> putting a section like this in my web.xml:
> 
> <error-page>
>   <error-code>401</error-code>
>   <location>/errors/401.html</location>
> </error-page>
> 
> However, when I put that entry into the web.xml, when the user clicks to
> log in, it goes immediately to the error page, without even hitting my
> filter.
> 
> I know what is happening: The filter sends a 401 back to the browser to
> prompt the user for the password.  The container intercepts this 401,
> sees that it's an error, and then displays the error page resource.
> 
> Is there a way to change or work around this behavior?  Surely there is
> a way to display a custom 401 error page and still have basic
> authentication work?


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to