I have a small problem which is bugging me when using Acegi. Whenever a user attempts to access a page which
he/she is not authorised an AccessDeniedException is being thrown. I understand that using SecurityEnforcementFilter
it will catches the exception and set response status to 403 SC_FORBIDDEN.
Problem: I set a 403 error-page handling in web.xml and expect my customised 403 error page to be displayed whenever
an unauthorised user try to access a page. However, it never display my customised 403 error page but it display
the webserver default 403 error page.
I'm using Spring MVC and Tomcat 5.0.19 and Spring 1.2.2.
Note: this is quite similar to
the user uses tapestry and is having similar problem.
1. Is this a common problem?
2. Is there anyway for me to display my customised page without any code modification?
Thanks in advanced.