Help! Need to intercept ugly screen!

[bjanssen]

Hi,
What I am trying to do is pop up a username/password box to authenticate, and if the authentication fails, then redirect to another page. I am happy with the authentication, it works fine, but I have no idea how to intercept the 401 screen that occurs if authentication fails. This is what I have:

response.setHeader("Pragma", "no-cache"
response.setHeader("Cache-Control", "no-cache, must-revalidate"

String auth = request.getHeader("Authorization"
if (auth == null) {
send401(response);
}
else
{
blah blah
}

void send401(HttpServletResponse response) throws IOException{
response.setHeader("

http://WWW-Authenticate",

"Basic realm=\"(Customer Reporting)\""
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Login error, password is incorrect. Your account may have been locked."
}

If I step through this code, it failes the auth == null and goes straight to send401. It only pops up the username/password prompting box when the response.sendError is called, if it fails it drops to an ugly 401 screen, I want to forward it to another URL. Is there any way of intercepting this? Sorry if this isn't very clear, but I'm not really sure how this stuff works.
Thanks, Brett.

 

[tiz]

Try:

String auth = request.getHeader("Authorization");
if (auth == null) 
{
   response.sendRedirect("[URL unfurl="true"]http://mysite/mypage.htm");[/URL]
}

This just checks to see that the auth header contains nothing and if so redirects to a different page. Just change the url to match the error page you wish to display.

If your code fails the auth==null then it wouldn't process send401, so auth is obviously null i.e. user and pass are
incorrect or non-existant.

Another way to do this is to configure your Web server to redirect the 401 error to a different web page.

Hope this helps!

Tiz --
Tim <tim@planetedge.co.uk>