I have a web app which is built using JSF and tomcat 5. There is a login page
for normal users, and a copy of login page that is forwarded from a servlet
which is used by another set of users. This copy of login page contains
javascript that automatically fill in user name and password and submit
Thanks for the reply. I think I'm not really accessing the login page. I just
have a copy of it and named it as login_auto.jsp. This page is not
registered in web.xml, and is not under any restricted path.
I just let servlet to forward to this page, then let javascript in this page
to do