We are using OpenLDAP as our security realm.
What happens when we try to login into the web application with the incorrect credentials i.e. authentication fails, JBoss does not display the login error page. In the JBoss console, we can see that an authentication exception is thrown, but it never displays the login error page. Instead, the application tries to continue, and then the regualar error page is display (because access to the session bean is denied).

Here is a part of the web.xml file :-
<login-config>
<auth-method>FORM</auth-method>
<realm-name>OpenLDAPRealm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginerror.jsp</form-error-page>
</form-login-config>
</login-config>

This problem also occurs when we use the DatabaseLoginModule.

Can anyone please shed some light on this - it would be appreciated.

Thanks,
Shane.