When you "run" the application, are you using Netbeans? Once you login (upon running from Netbeans or from the browser directly), the session is established and session cookies are set in the browser. When the same browser is used to access another secure page, the login page does not reappear. To clear the session, the cookies and browser cache could be cleared from the browser before accessing the application URL directly.
HTH
Nithya
[Message sent by forum member 'nitkal' ]
http://forums.java.net/jive/thread.jspa?messageID=376325