Hello, 2015-05-07 20:54 GMT+03:00 Johannes <jo...@posteo.de>: > > > > Hello. > > I'm using Tomcat 7.0.with Java 7.0. > I'm trying to create a webapp with needs a client certifiacte > authentification. > Normal client certifiacte authentfication works well and I can compute > the desired certificate data. The clientauth parameter in the https > connector is set to false. In my webapp is a security-constraint > registred for a url space, like /secure/*. > > If authentifications fails, a ugly browser error page occurs. A new > authentification try can only be attempt after reopen the browser. > > I already noticed setting server wide clientauth to "want", I receive a > tomcat 401 http error page (which can be customized) if no client > certificate was found on a protected resource. But entering a bad > passphrase shows a ugly browser error page again. > > Is there a way to deal with that? I believe the user acceptance will be > low with that behavior.
Consider providing your own error pages thus you can setup them with you company branding. Best Regards, Violeta > Best regards Johannes. >