Home/ Questions/Q 6001329
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T00:49:09+00:00

I am running Tomcat 6 with a form protected webapp that authenticates correctly with

  • 0

I am running Tomcat 6 with a form protected webapp that authenticates correctly with a Windows LDAP server. I am having an odd behavior:

  • If UserA is a member of the correct group and logs in with the correct password, everything is okay
  • If UserA is a member of the correct group and tries to log in with the wrong password, the user is redirected to the specified error page
  • If UserB who is not a member of the correct group (and does not have the correct role) logs in with a bad password, the user is redirected to the specified error page
  • If UserB who is not a member of the correct group (and does not have the correct role) logs in with their correct LDAP password, they are bounced back to the log in page and never get the error page

Is there a way to adjust Tomcat to direct people who have the right LDAP authentication but the wrong role to a custom error page?

This a snipit from my web.xml

 <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
     <form-login-page>/auth/logon.html</form-login-page>
     <form-error-page>/auth/logonError.html</form-error-page>
  </form-login-config>
 </login-config>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yeah, you can do it redirecting HTTP 403 error in the web.xml file:

    <error-page>
    <error-code>403</error-code>
    <location>/error.jsp</location>
</error-page>

    Note that a bad login is a different thing that insufficient permissions.

    • 0