Bhanu, When a user requests a secured resource (as configured in web.xml with security-constraints element), the form authentication mechanism will forward user to form-login-page element value. In your case that is the /display.jsp page. This page should contain a login form presenting the username and password testboxes to user. Submitting this form should go to j_security_check action. If user sucessfully authenticates, they are forwarded to orginally requested url. If fail, forwarded to form-error-page element. In your case /error.jsp.
NameAction can not be the action that is used to authenticate if using form based authentication with container managed security. cgriffith View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3954045#3954045 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3954045 Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user