i am using j_security_check with a form based login screen... this works ok, but here is my problem. the entry page is a redirect to a secured page based on the referer url, or the username. this works ok, i have two users, two roles and two acceptable referer urls. in my web.xml i have 2 security constraints, one on each destination page
now the problem is this: if i log in as a user with the wrong role, i get big, ugly 403 error for the secured page that says "you are not authorized to view this page." that seems appropriate. but, if i put: <error-page> <error-code>403</error-code> <location>/marketing/incorrectpass.jsp</location> </error-page> in the web.xml page and then do the same thing, i just get a smaller less ugly 403 error message, but for j_security_check any ideas? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
