> Without using https, I tried poking around in the
> request.getSession() and didn't find anything, but
> this is such a great workaround, I am calling it
> the solution.
>
> Thanks a lot! Finding this fact was an agony!
that's good news. I know I should quit while I'm ahead, but since your target platform is Glassfish, the next alterantive I would have suggested to you, would have been to develop a JSR 196 ServerAuthModule, that provides a custom implementation of FBL, and as such allows you (as the FBL) implementor to customize the generation of the login page.
If you are not familiar with 196, you can find an intro at
http://blogs.sun.com/monzillo/entry/pluggable_authentication_in_the_glassfish
and I am on the hook to provide some examples so stay tuned.
[Message sent by forum member 'monzillo' (monzillo)]
http://forums.java.net/jive/thread.jspa?messageID=268834