I've searched the mailing list, but there doesn't seem to be information on
this. I'm a little desparate now.
I'm using a form-based login for my web application. When a user hits
Login.jsp, s/he must log in. I have the LoginForm.jsp and LoginError.jsp
files in / of my context root. This redirection to the LoginForm.jsp does
occur, but regardless of whether the user logged in successfully or not, he
is dumped back to the welcome page. The actual logging in is successful,
i.e. if he provided the correct credentials, he's logged in, but still
dumped back to the welcome page.
Here is the relevant portion of my web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>LoginTrigger</web-resource-name>
<description>LoginTrigger</description>
<url-pattern>/Login.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>portal_gamer</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>default</realm-name>
<form-login-config>
<form-login-page>LoginForm.jsp</form-login-page>
<form-error-page>LoginError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>portal_gamer</role-name>
</security-role>
Which part of the magic am I missing?