The "roles" filter subclasses AuthorizationFilter, which provides a "unauthorizedUrl" property. See the doc here:
http://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl(java.lang.String) <http://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl%28java.lang.String%29> I suspect that will do what you want. -Jared On 08/04/2011 01:10 AM, Krishan Senevirathne wrote: > Hi, > If the [url] section of the .ini looks like this, > > [urls] > /users/** = authc, roles[user], perms["users:html:view"] > > if i try to access a page with in users directory from a role other > than user, browser shows the 401 error page. > Is there a way to override that page and show our own unauthorized > page?(is there a tag to be added in the [filters] section as added for > loginUrl) > > Thanks in advance > > cheers > Krishan
