I have a project we originally started with Glassfish v3 that uses form authentication. Any calls to URLs that required security via web.xml were redirected to the page we had defined as the login page. When deploying our application in Glassfish 3.0.1, it appears that Glassfish is internally forwarding the request to the destination page.
The pattern we have employed with this application outputs in such a way that a view JSP is processed by the servlet and its resulting content is set into a request attribute. That output is then retrieved in a filter and set into a layout JSP which is then processed and written to the output stream.
In Glassfish 3, when you came in and need to authenticate, you would be 302 redirected to the login page, resulting in a separate request by the browser. What I'm seeing with 3.0.1 is that the container appears to be internally forwarding the request, which is breaking the filter/layout content insertion.
I have been unable to find any documentation as to what changed that causes this. Does anyone know what changed and if/where any configuration settings may exist that will revert this behavior?
[Message sent by forum member 'mward_ssi']
http://forums.java.net/jive/thread.jspa?messageID=485347