I just took a closer look at the impl of FormAuthenticator, and I was wrong in that a redirect is actually done to the original url, so I don't know wht the browser continues to display the j_security_check action.
[Message sent by forum member 'monzillo' (monzillo)]
http://forums.java.net/jive/thread.jspa?messageID=235462