My web.xml contains protected and unprotected resources. But both presents the same behaviour. I'm always being redirected to login page.
It seems like all the app is marked as secure. Is it the correct behaviour?
Post your web.xml. Does your web.xml has security-roles defined ?
Retrieving data ...