I'm receiving this for pages not listed with a security constraint in web.xml. It's related to tomcat bug: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12428 (which was opened against 4.0.4, but appears to have resurfaced with 4.1.24)
This code worked with Tomcat 4.0.6. Is there an easy way to back 4.1.24 out to 4.0.6?
I'm using: JBoss 3.2.0 and 4.1.24 on J2SDK 1.4.1_02