When we go for HTTP FORM-basedauthentication mechanism, the login form with an ACTION of "j_security_check" must contain fields for entering a username and a password. These fields must be named "j_username" and "j_password", respectively.
<form method=�POST� action=�j_security_check�>
<input type=�text� name=�j_username�>
<input type=�password� name=�j_password�>
</form>
GET defeats the whole point of password fields, all forms that have password fields should use a METHOD of POST. For Form-based authentication mechanism we always use a Method of POST instead of GET.
Thanks,
Mahesh
----------
SCJP 1.4, SCWCD 1.4, SCBCD 1.3, (
SCEA Part I preparing......)