If you have a authentication security constraint set to "/*", how do you make sure you don't have an infinite redirect loop with the loginPage? -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com