I looks like it has changed. I have the same problem getting parameters from this page that have been submitted via a post. However, I think that maybe the answer lies in the valve "org.apache.catalina.authenticator.FormAuthenticator"
I'm sure that if you add the <Valve className="org.apache.catalina.valves.RequestDumperValve" /> you will get to the values in the request. Of course enabling this valve won't cut if for production. --- On Tue, 5/5/09, Sanjay Manchiganti <ms4san...@yahoo.com> wrote: From: Sanjay Manchiganti <ms4san...@yahoo.com> Subject: j_security_check/j_username/j_password issue in Tomcat Version 6.0.18 To: users@tomcat.apache.org Date: Tuesday, May 5, 2009, 6:40 PM Hello All, I've deployed two apps(say A and B) into two instances of Tomcat running on port 8080 and 8081. They both have been enabled for form based authentication. Step 1: When a user tries to access the application A he is shown a userid/password page(Alogin.jsp) with all the j_xxx details. Step 2: On entering the details and clicking submit, I've configured the action to take the details and post to the application B which is shown a Blogin.jsp. Step 3: In Blogin.jsp, if I do a request.getParameter("j_username") / request.getParameter("j_password") , I'm getting the values entered by the user in Step 2. Step 4: When I move the "same app" to 6.0.18 I'm getting null values for request.getParameter("j_username") / request.getParameter("j_password"). Did anything change in terms of j_securitycheck / container managed security between these two versions of tomcat? Any input is highly appreciated. Thanks, Sanjay.