Is your welcome jsp a protected resource? That should fix it.
Matt
Gerald Gutierrez wrote:
> I've searched the mailing list, but there doesn't seem to be information on
> this. I'm a little desparate now.
>
> I'm using a form-based login for my web application. When a user hits
> Login.jsp, s/he must log in. I have the LoginForm.jsp and LoginError.jsp
> files in / of my context root. This redirection to the LoginForm.jsp does
> occur, but regardless of whether the user logged in successfully or not, he
> is dumped back to the welcome page. The actual logging in is successful,
> i.e. if he provided the correct credentials, he's logged in, but still
> dumped back to the welcome page.
>
> Here is the relevant portion of my web.xml:
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>LoginTrigger</web-resource-name>
> <description>LoginTrigger</description>
> <url-pattern>/Login.jsp</url-pattern>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>portal_gamer</role-name>
> </auth-constraint>
> </security-constraint>
>
> <login-config>
> <auth-method>FORM</auth-method>
> <realm-name>default</realm-name>
> <form-login-config>
> <form-login-page>LoginForm.jsp</form-login-page>
> <form-error-page>LoginError.jsp</form-error-page>
> </form-login-config>
> </login-config>
>
> <security-role>
> <role-name>portal_gamer</role-name>
> </security-role>
>
> Which part of the magic am I missing?
