There are two problems with this. 1.) The WEB-INF directory is off limits to browsers. 2.) Redirecting will cause a new request to be generated (which means you won't have your "error" attribute by the time you get to the JSP).
If you did the same thing with a forward, both problems would be solved.
Response.redirect sends a header down to the browser instructing it to make a new request with the given URL. RequestDispatcher.forward, on the other hand, is handled from within the same request and completely on the server. The browser never knows that it has happened. [ August 15, 2006: Message edited by: Ben Souther ]