to qualify the question....
I am trying to avoid using a valve to handle login events like the password has expired or user is a new user and must thus change their password. I would like to handle this on the form-error-page based on the j_username entered. The login will always fail based on the SQL used in the security module unless the 'status' of the user is for example 'OK'.
Its not possible without a valve or custom FormAuthenticator that makes the username available to the error page. Its not part of the form auth spec that this should be made available to the error page.