tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <>
Subject Re: <form-error-page> problem
Date Sun, 06 Jan 2002 15:54:53 GMT

On Sun, 6 Jan 2002, George Kakarontzas wrote:

> Date: Sun, 6 Jan 2002 10:53:44 +0200
> From: George Kakarontzas <>
> Reply-To: Tomcat Users List <>
> To:
> Subject: <form-error-page> problem
> Hi all.
> I’m having a problem with tomcat 4.0 and form based authentication.
> When I’m providing an existing username/password, that is one that exists in
> the database or the tomcat-users.xml (I have tried both memory and JDBC
> Realm), but has a role that is not allowed to view the page, the browser
> displays hid default “403” page instead of the error page that I constructed
> (<form-error-page>/error.jsp</form-error-page>). Note, however, that it
> displays my form-error-page correctly when I provide an invalid
> username/password (not in the database or tomcat-users.xml at all), or a
> wrong password.
> I am using tomcat 4.0 on Win2000 and I have tried both the stand-alone
> server and the NT service.
> I have also tried the
> tomcat4.0\webapps\examples\jsp\security\protected\index.jsp after I have
> commented out the “<role-name>role1</role-name>” in the
> tomcat4.0\webapps\examples\WEB-INF\web.xml file (to make sure that is not my
> program with the problem). Then I tried to login as the user role1 providing
> the correct password and the browser displayed the default error page again
> instead of the form-error-page.
> Why is that?
> -George

In Tomcat 4.0 and 4.0.1, there was a bug that made the app's own error
pages not work for container-generated errors (such as the 403 from when
you try to access a resource protected by a security constraint).  This
has been fixed in the upcoming 4.0.2 release.


To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message