I've been following the picketlink-reg demo app (http://server.dzone.com/articles/jbossas7-making-your-web) to setup a social login in JBoss AS 7.1.1.Final and I am having some issues or misunderstandings.

1.  I would expect to request a secured resource, then be forwarded to the login page that is configured in the <login-config> section of the web.xml but that is not how it is working.  The picketlink-reg webapp references /jsp/login.jsp in the web.xml but this resource doesn't even exist. The login is always initiated from the index.jsp.

2.  I want the returnURL after authentication to be the originally requested URL but it always seems to change to the URL that I have configured in the ExternalAuthenticator.

Is the ExternalAuthenticator designed to work like regular form based authentication?  If so, how do I configure it.  If not, can I extend functionality to do this?  I'd love any help I can get