This is an old question to which I had an answer that worked under 3.2.3 but now fails under 4.0.1
Using Tomcat embedded in JBoss, I want to secure access to a certain set of pages and use the JBoss security system to carry out the authentication. Standard stuff. But, as well as going through the JBoss security check I want to force a user to also go through my own Login servlet. If users only ever start at /index.htm this is easy, but if they remember and try to come back in half way down the site, the JBoss security works, but I need to "insert" a redirect to my login servlet. Does anyone know how to do this? Thanks Gerry
