Feb 16th, 2007, 02:31 PM
Got it to work. I modified my objectDefinitionSource for FilterSecurityInterceptor (simplified):
I am now applying security to everything except for jpg and css files. Without these 2 exceptions, my login page and index page looked very screwy. It appears that during the login process, when I haven't yet acquired the ROLE_USER privilege, all calls to jpg and css files were getting blocked making my login and index pages malformed. The above mapping solved it for me. So now by applying security to everything (except css and jpg files) both Tomcat and WAS 188.8.131.52 forces users to login before allowing access to the index.jsp page. Hope this helps someone.