This content has been marked as final. Show 2 replies
This says the user is valid but does not have permission to access the resource.
Thanks for the reply!
I've just solved this myself. :-D
Now a happy bunny.
Adding a merge file for the WAR.
File: error-pages.xml Contents: ... <error-page > <error-code >403</error-code > <location >/jsp/invalidlogin.jsp</location > </error-page>
Then created a file called "invalidlogin.jsp"
Filename: invalidlogin.jsp Contents: <%session.invalidate();%> <html><META HTTP-EQUIV=Refresh CONTENT="0;URL=taskList.jsf"/></html>
taskList.jsf is the where index.html redirects to.
So that if you are authenticated, but not authorized (i.e. putting username in capitals), then you get a 403.
The above changes now redirect you back to the login page.