I am trying to deploy an application in JBoss 6.1 and getting the error -
HTTP Status 400 - Invalid direct reference to form login page
after successful authentication from database.
After careful examination of server log I find that it may be due to securityRoles coming as null as shown in the following logs.
I am not sure why this is happening because the query which we have provided for roles is fetching the data as shown in the logs as well. Is this a JBoss issue or we are missing any configuration?
I couldn't see any response from JBoss honchos. What seems to me is that the login module in JBoss is not working as expected. The roles are getting lost somewhere after authentication and before setting in the session.
Please let me know if you have thoughts otherwise.