Hi people, i have this problem trying to get a custom error page when client authentication fails:
I had configured successfully my tomcat with client authentication using certificates, and now I would like to redirect the user to a custom error page when authentication fails, but I always get a 400 not found error if this happens.
I already tried to set my error page for 400 error code in web.xml but I can't get it to work.
Shouldn't be 403 (forbidden) the error when authentication fails?
Somewhere I read that the socket connection is terminated by tomcat before i can send the user anywhere, and thats why i don't get the redirection.
Here is part of my web.xml... Any idea?
(I entered some blank spaces to be able to show the xml tags)
Thanks in advance.
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>certificate</realm-name>
</login-config>
<error-page>
<error-code>400</error-code>
<location>/static/html/errorcert.html</location>
</error-page>
PH: I also tried the error-page tag in the login-config section with the same results.