Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Question for exam kit

 
carl chan
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi all
In Chapter 9 of the scwcd exam kit, there is an example of web security using the web.xml.
At page 146
For the
<form-login-page>/formlogin.html</form-login-page>
<form-error-page>/formerror.html</form-error-page>
Can someone tell me under what situation I will get the formerror.html??
I ask this because if I enter the wrong id/pass pair I will get the "Apache Tomcat/4.0.1 - HTTP Status 401 - Unauthorized" page instead of the formerror.html.
Thanks
 
Jessica Sant
Sheriff
Posts: 4313
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hmmmm according to Marty Hall's "MoreServlets" book -- the same behavior described in the "SCWCD Exam Study Kit" is what you should be seeing -->
from MoreServlets and JavaServer Pages, by Marty Hall -- pg 361 -- Listing 7.3

For example, Listing 7.3 shows part of a web.xml file that stipulates that the container use form-based authentication. Unauthenticated users who attempt to access protected resources will be redirected to http://host/webAppPrefix/login.jsp. If they log in successfully, they will be returned to whatever resource they first attempted to access. If their login attempt fails, they will be redirected to <a href="http://host/webAppPrefix/login-error.html.</b rel="nofollow">" target="_blank">http://host/webAppPrefix/login-error.html.[/b]
 
carl chan
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
but after I login failed, I got redirected to "HTTP Status 401 - Unauthorized" page
instead of the "error" page.
Why?
Thanks
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic