Generally, you make Home.page the real home page not the login page. What I do when I have a group of pages that must be protected by a login page is create a base
Java class for those pages. The base class overrides the validate() method.
Perhaps one could call it ProtectedPage:
There's an interface for creating callbacks you can pass to the Login page before redirecting. That way the Login page can direct the user back to the page they originally requested after they log in.
I didn't put that code in as I didn't want to confuse things.
There is an example of the callback in Home.java
in this small jar file