if the user fails to login (ex. wrong password), I want to redirect him to a loginerror.jsp page.
I have defined that the login page (acegilogin.jsp) requires a secure channel (via channelProcessingFilter) but I forgot to specify (should I?) that also the loginerror.jsp page use the same channel.
With this situation I had a very strange behavior:
When the AbstractProcessingFilter.doFilter() method fails to attemptAuthentication() [line 296] it decides the failureUrl and calls httpResponse.sendRedirect(httpResponse.encodeRedir ectURL(httpRequest .getContextPath() + failureUrl)); [line 335]
Unfortunately since my failureUrl requires a different channel (insecure) the application is not able to the forward to loginerror page. Tomcat goes in loop (class Http11Processor.java beetween lines 754 and 859) and the browser waits an answer forever.
Now I have defined loginerror.jsp requires a secure channel and everything works ok....
My question is, is it possible to generate an exception for this kind of error so that it is easier for the developer to find out the problem? or, should it be possible to redirect to a page with a different channel?, how?
thanks in advance,