0 Replies Latest reply on Oct 15, 2015 8:45 AM by vitaliyant RSS
    vitaliyant Newbie

    Cancelled authentication results in Tomcat default 401 error page

    It seems that ThingWorx application does not handle any standard HTTP errors. Unauthorized access results in Tomcat default 401 error page. Invalid URL results in tomcat 404 error. 


    Please advise if there is a specific configuration that can be added to override the default page.  We need that for server hardening and better user experience. 


    Note: Standard tomcat error handling cannot be added to the <tomcat>/conf/web.xml because it breaks Thingworx application.  


    Followup: 

    One way this could be accomplished is by adding the following to Thingworx web.xml file. Though there might be a better way to handle errors. 

      <error-page>

        <error-code>400</error-code>

        <location>/index.html</location>

      </error-page>

      <error-page>

        <error-code>401</error-code>

        <location>/index.html</location>

      </error-page>

      <error-page>

        <error-code>402</error-code>

        <location>/index.html</location>

      </error-page>

      <error-page>

        <error-code>403</error-code>

        <location>/index.html</location>

      </error-page>

      <error-page>

        <error-code>404</error-code>

        <location>/index.html</location>

      </error-page>

      <error-page>

        <error-code>500</error-code>

        <location>/index.html</location>

      </error-page>