Send customized response after custom certificate validation with Jetty 7 failed

we are currently using a certificate based login for our webapp (running Jetty 7.4)

With JSSLUtils I configured a custom org.jsslutils.sslcontext.X509SSLContextFactory that basically inspects a certificate, validates it against the backend and also checks if the user associated with this certificate is authorized to use a particular servlet.

This works fine, the only problem is that if the user is not authorized or the certificate is not valid anymore etc. all I can do is

throw new CertificateException("Not allowed to access ....");

The question now is, can I intercept this error somewhere/somehow server side and send back a user friendly page with some text indicating why this failed? All I get at the moment is the 开发者_如何学运维default browser page for SSL errors, for example in Chrome

Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.

I tried specifying an ErrorHandler for our servletholder (in the spring configuration file), but it is not called as it seems to be "higher" up the stack.

Any suggestions?

Thanks, Joey