Having the similar issue... using jsf 1.2_07 + facelets 1.1.14 + 3.2.1GA
After hitting login button, browser (Firefox, IE, Safari) either spits out some css(eAF7sqpgb-jyGdIAFrMEaw__.css) that get opened in notepad or just displays empty page
<realm-name>Form-Based Authentication Area</realm-name>
Same for me !
We fixed this problem :)
It was caused by the resources requested by the login page (CSS etc) were also being flagged as restricted, so when you successfully logged in you were redirected to the last restricted page you requested... the CSS of the login page...
To fix it you can specify a resource uri prefix in your web.xml
<context-param> <param-name>org.ajax4jsf.RESOURCE_URI_PREFIX</param-name> <param-value>RichResources/</param-value> </context-param>
Then you can make requests from that URI onwards unrestricted:
<security-constraint> <web-resource-collection> <web-resource-name>RichFaces Resource Library</web-resource-name> <description> Allow users to access pictures and css. </description> <url-pattern>/RichResources/*</url-pattern> </web-resource-collection> </security-constraint>