Hi,
I'm trying to create a simple application, that uses container based form authentization (
Tomcat 7 + Active Directory). I'm reusing my login page also for retries on failed attempts. It works just fine, except that on retry the
j_security_check appears in the URL.
Here is the relevant part of my application
WEB-INF/web.xml:
This is
login.jsp:
When the user login fails, the login form is displayed again (with the error message), which is wanted behaviour, but the URL becomes
/myapp/j_security_check instead of
/myapp/, which is what user initially sees when login form displays for the first time. Is there a way to get the behaviour I want without exposing the
j_security_check?