I know it has been asked dozens of times but the response is always "Cannot be done in a standard way". But why can't we change Tomcat to provide further details to the error page of why the login failed?
I would have thought Tomcat can support that easily without any backward compatibility issue:

----
Everywhere the authenticate method is called, e.g. FormAuthenticator.doAuthenticate(), catch throwables and add the exception details as parameter, as session variable, as ... to the redirect call, such that the error page has a place to read the actual issue.
----

There are tons of reasons a login might fail, and without providing the user with the reason he has no option to fix the problem. The only option is to call up the web server admin to scan the web server logs.

Examples:
* password wrong
* cannot connect to the user database due to network or database not up
* login is fine but password expired, must be changed
* connection to the user database is fine but SQL statement failed for whatever reason

So why has this not been done? What am I missing? Does an enhancement request exist?

Thanks in advance