# tomcat-users mailing list archives

##### Site index · List index
Message view
Top
From "Craig R. McClanahan" <craig...@apache.org>
Subject Re: <form-error-page> problem
Date Sun, 06 Jan 2002 15:54:53 GMT
```

On Sun, 6 Jan 2002, George Kakarontzas wrote:

> Date: Sun, 6 Jan 2002 10:53:44 +0200
> From: George Kakarontzas <gkakar@inf.uth.gr>
> Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> To: tomcat-user@jakarta.apache.org
> Subject: <form-error-page> problem
>
> Hi all.
> Im having a problem with tomcat 4.0 and form based authentication.
> When Im providing an existing username/password, that is one that exists in
> the database or the tomcat-users.xml (I have tried both memory and JDBC
> Realm), but has a role that is not allowed to view the page, the browser
> displays hid default 403 page instead of the error page that I constructed
> (<form-error-page>/error.jsp</form-error-page>). Note, however, that it
> displays my form-error-page correctly when I provide an invalid
> username/password (not in the database or tomcat-users.xml at all), or a
> I am using tomcat 4.0 on Win2000 and I have tried both the stand-alone
> server and the NT service.
> I have also tried the
> tomcat4.0\webapps\examples\jsp\security\protected\index.jsp after I have
> commented out the <role-name>role1</role-name> in the
> tomcat4.0\webapps\examples\WEB-INF\web.xml file (to make sure that is not my
> program with the problem). Then I tried to login as the user role1 providing
> the correct password and the browser displayed the default error page again
> Why is that?
> -George
>

In Tomcat 4.0 and 4.0.1, there was a bug that made the app's own error
pages not work for container-generated errors (such as the 403 from when
you try to access a resource protected by a security constraint).  This
has been fixed in the upcoming 4.0.2 release.

Craig

--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>