I am trying to use the unauthorized_page system setting. I presume this should come in to play when an anonymous user requests a resource which belongs to a resource group that has ownership in the web context.
I have 'unauthorized_page' set to a resource that is published and publicly available. And I have the 'anonymous' group with a 'load' policy for the 'web' context (this is specified on the 'unauthorized_page' rtfm page, and I think the 'anonymous' group comes with this policy by default now).
When I put a page in a restricted group, and then try to view it as anonymous, I get my error_page rather than the unauthorized_page. Furthermore, the first line in my log file is a 404.
Any idea what is wrong here?