tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George Kakarontzas" <gka...@inf.uth.gr>
Subject Re: <form-error-page> problem
Date Sun, 06 Jan 2002 18:07:17 GMT
Cheers Craig.
-George

----- Original Message -----
From: "Craig R. McClanahan" <craigmcc@apache.org>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Sent: Sunday, January 06, 2002 5:54 PM
Subject: Re: <form-error-page> problem




On Sun, 6 Jan 2002, George Kakarontzas wrote:

> Date: Sun, 6 Jan 2002 10:53:44 +0200
> From: George Kakarontzas <gkakar@inf.uth.gr>
> Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> To: tomcat-user@jakarta.apache.org
> Subject: <form-error-page> problem
>
> Hi all.
> I'm having a problem with tomcat 4.0 and form based authentication.
> When I'm providing an existing username/password, that is one that exists
in
> the database or the tomcat-users.xml (I have tried both memory and JDBC
> Realm), but has a role that is not allowed to view the page, the browser
> displays hid default "403" page instead of the error page that I
constructed
> (<form-error-page>/error.jsp</form-error-page>). Note, however, that it
> displays my form-error-page correctly when I provide an invalid
> username/password (not in the database or tomcat-users.xml at all), or a
> wrong password.
> I am using tomcat 4.0 on Win2000 and I have tried both the stand-alone
> server and the NT service.
> I have also tried the
> tomcat4.0\webapps\examples\jsp\security\protected\index.jsp after I have
> commented out the "<role-name>role1</role-name>" in the
> tomcat4.0\webapps\examples\WEB-INF\web.xml file (to make sure that is not
my
> program with the problem). Then I tried to login as the user role1
providing
> the correct password and the browser displayed the default error page
again
> instead of the form-error-page.
> Why is that?
> -George
>

In Tomcat 4.0 and 4.0.1, there was a bug that made the app's own error
pages not work for container-generated errors (such as the 403 from when
you try to access a resource protected by a security constraint).  This
has been fixed in the upcoming 4.0.2 release.

Craig


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>



--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message