If you're using a JDBC realm then you are using Tomcats authentication, which operates at a higher level than Filters and Servlets, so you can't insert anything into the chain there.
With Basic Auth, the browser does the submission of credentials, based on the error codes that the server sends. So when it fails, the server sends a 403 or something. If you want to control the pages the user sees, you're probably better off configuring FORM Auth, instead of BASIC. It allows you to specify a page/servlet for the login form, and a page/servlet for the login error page. pid David Smith wrote: > I believe in BASIC auth, the client already has the auth failed page > during authentication. Once authentication fails, that page is > displayed. Short of the images and other resources the error page > needs, there is not another request to the server hence no filter call. > > --David > > Dhiraj Ramakrishnan wrote: > >> Hello, >> >> >> I have configured a SimpleServletFilter to act as my authentication >> filter, i want it to do certain things after the authentication has >> failed. >> >> My application is being authenticated using a TOMCAT JDBC Realm. The >> authentication scheme is BASIC. >> >> I noticed that the filter is being called after the authentication is >> done, that is only if it is a valid user the filter is being called. >> >> The filter is not called at all in case the authentication has >> failed. >> >> >> >> >> Any ideas on this problem will be much appreciated. >> >> Thanks >> >> Dhiraj Ramakrishnan >> > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
