As I already said before, the filter does not work for j_security_check action. But I've tried to implement servlet that redirects the request to the j_security_check.
So the way it works:
in login.jsp form action I specify my servlet instead of j_security_check (along with j_password and j_username ),
the servlets doPost method does some custom logic and redirects the request to j_security_check action.

Not exactly perfect, but works. I'd rather had a hook after the systems authentication done. Oh well...

Folks, please let me know if there is something really wrong with what I'm trying to do.

Dmitry A.

To reiterate what I wrote before:
1. the filters do work as well as the servlets (I was using bad filter url)
2. In order to redirect properly to the j_security_check, j_username and j_password must be passed from the request object to the responce, here is the code for the doFilter method:

public void doFilter(ServletRequest request,
ServletResponse response, FilterChain chain)
throws IOException, ServletException {
if (filterConfig == null)
return;

HttpServletResponse httpResponse = (HttpServletResponse)response;
HttpServletRequest httpRequest = (HttpServletRequest) request;
String redirectString = "j_security_check";
logger.debug( "Sending redirect to: " + redirectString);

String username = httpRequest.getParameter("j_username");

String password = httpRequest.getParameter("j_password");

logger.debug("j_username:" + username );
logger.debug("j_password:" + password );

httpResponse.sendRedirect( redirectString +"?j_username="+username+"&j_password="+password );

chain.doFilter(httpRequest, httpResponse);
}