When you deploy application as ROOT "secure resource" constraint will restrict access to all resources in root context. Entering index, browser tries to get /favicon.ico which has restricted access. You will be redirected to login page and after successful authorization to requested /favicon.ico which does not exists. Therefore until icon is not cached you will get 404 after login. This problem is most visible while deploying on Openshift with default maven Openshift profile which is renaming archive to ROOT.