I'm using JBossPortal2.0.
This is its web.xml security part:

 <security-constraint>
 <web-resource-collection>
 <web-resource-name>Authenticated</web-resource-name>
 <description></description>
 <url-pattern>/auth/*</url-pattern>
 </web-resource-collection>
 <auth-constraint>
 <role-name>Authenticated</role-name>
 </auth-constraint>
 </security-constraint>

 <login-config>
 <auth-method>FORM</auth-method>
 <realm-name>JBoss Portal</realm-name>
 <form-login-config>
 <form-login-page>/login.jsp</form-login-page>
 <form-error-page>/errorpages/wronglogin.html</form-error-page>
 </form-login-config>
 </login-config>

 <security-role>
 <role-name>Authenticated</role-name>
 </security-role>

And when I submit my form request to the following url: /portal/auth/enlogin it gets intercepted by Tomcat and redirects me to the login.jsp.

But the thing is that the request paarmeters are not carried along, since my username parameter is null.

login.jsp code

<%
 String username = request.getParameter("username");
 System.out.println("Username: " + username);
 String password = request.getParameter("password");
 if (username != null && password != null) {
 String url = "j_security_check?j_username=" + username + "&j_password=" + password;
 String redirectUrl = response.encodeRedirectURL(url);
 response.sendRedirect(redirectUrl);
 } else {
 // String home = (String)request.getAttribute(CoreConstants.REQ_ATT_CONTEXT_PATH);
 String home = "portal";
 String portalUrl = response.encodeRedirectURL(home);
 response.sendRedirect("/" + portalUrl);
 }
%>

and my form code

 <form id="loginform" class="login" name="loginform" action="/portal/auth/enlogin" method="post">
 <input type="text" name="username" title="<s:message code="username"/>" alt="<s:message code="username"/>"/><input type="password" name="password" alt="<s:message code="password"/>" title="<s:message code="password"/>"/>

Is this normal behaviour?
Since it used to work before I changed my JBossAS (currently running build from CVS).

Rgds, Ales