tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrea Cervellati <cer...@sparc20.ing.unimo.it>
Subject How to capture authentication errors
Date Tue, 22 Jan 2002 07:36:41 GMT
Hi,

I'm using JBoss and Tomcat to develop my web application.

I have a security domain and the user must authenticate itself to access the 
restricted area.

I'm using the DatabaseServer login module and I have defined the necessary 
tables.

I want to display an error page when the user is not allowed to access instead 
of the HTTP-403 error message.

The error.jsp page starts with the following:

<%@ page language="java" session="false" isThreadSafe="false" info="Error Page" 
isErrorPage="true" %>

In my jboss-web.xml I've specified that the security domain to be used is the 
same of the Jboss EJB container:

<jboss-web> <security-domain>java:/jaas/modulojdbc</security-domain> 
</jboss-web>

I've tried to add the following lines in the web.xml:

<error-page>
     <error-code>403</error-code>
     <location>/error.jsp</location>
</error-page>

but I keep having the HTTP-403 message displaied.

I've also tried to use the <form-error-page> tag like this:

<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/error.jsp</form-error-page>
    </form-login-config>
</login-config>

, but still have the problem

What can I do?
Should I add anything else in the jboss-web.xml?

I've posted rhis question even in the Java Forums and someone answered me that 
he had to change the Tomcat source to fix the problem.

Please help!

                   Thanks in advance 


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message