aspose file tools*
The moose likes JSP and the fly likes How to Trap 403 error of Jboss and display Customized Error page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "How to Trap 403 error of Jboss and display Customized Error page" Watch "How to Trap 403 error of Jboss and display Customized Error page" New topic
Author

How to Trap 403 error of Jboss and display Customized Error page

srikanth.lingampally reddy
Greenhorn

Joined: Mar 01, 2006
Posts: 2
I tried to handle error code(HTTP ERROR CODE ; 401, 403, 404, 500) through web.xml in my application. But the server does not recognize the changes and showing the same browser messages.

(we have authourized some jsps/URLs based on jaas form based authenticaiton of jboss. So when I click on the application, it prompts for userid/password and opens the page accordigly if that user is Autoized user.when the user is Unauthorized it is diplaying form-errorpage but the problem is if there are two uses one user is having permission to two differnet jsps,then if the user is trying to access the page for which he has no access permission it is displaying "You are not authorized to view this page".)

Instead we want to display our cusotm error message.

Environment: Appserver : Jboss3.2.5
OS : Windows

this is my web.xml


<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">

<web-app>

<!-- Standard Action Servlet Configuration (with debugging) -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Web Page seurity</web-resource-name>
Define which roles have access to the Web pages in this Web Application.Other (more specific) security permissions will be defined in web.xml servlet tags as well as in EJB descriptors, either a bean-level or method-level permissions.
<url-pattern>/logon.jsp/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>

</web-resource-collection>
<auth-constraint>
<role-name>testRole</role-name>

</auth-constraint>
</security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>Web Page Security</web-resource-name>
Define which roles have access to the Web pages in this Web Application.Other (more specific) security permissions will be defined in web.xml servlet tags as well as in EJB descriptors, either a bean-level or method-level permissions.
<url-pattern>/quote.jsp/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>

</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>

</auth-constraint>
</security-constraint>

<login-config>

<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/Errorpages/login.jsp</form-login-page>
<form-error-page>/Errorpages/login_error.html</form-error-page>
</form-login-config>
</login-config>



<security-role>
<role-name>testRole</role-name>
</security-role>

<security-role>
<role-name>admin</role-name>
</security-role>

</web-app>

as the above web.xml says there are two different users with two different roles(test Role and admin) each one is having access to differnt jsps when the user in admin trying to access that page which is having access permission to testRole then this 403 error happening,i want to catch that and display my customized eror page.

I have edited the web.xml as follows, but it did not redirect to errorPage.jsp(custom error page)



<!-- Standard Action Servlet Configuration (with debugging) -->

<error-page>
<error-code>403</error-code>
/ErrorPage.jsp
</error-page>

.... ....
.... ....
.... ....
</web-app>
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to Trap 403 error of Jboss and display Customized Error page