In Tomcat, this is not possible. It is just how j_security_check was made in Tomcat. If you start from the login page directly, chances are once you hit the submit button, you will get an error since the correct way is to start from a protected resource. If you want to automate the login process, you can do so with a combination of querystrings to the login page. Once the login page sees those querystrings, you can redirect it to the protected resource so that the login page will be called again. Then, you can manually call within the login page, the j_security_check URL together with the username and password parameter and their values. See sample URL below.
When using Apache Tomcat as the Servlet container server for your Servlet needs, sooner or later you will come across a situation where you need to do something before and after you login using j_security_check. The solution is to use Servlet filters so that every request will pass through these filters. But using it for j_security_check? The answer is? NO. You cannot do this in Tomcat. While I did read in some articles that IBM Websphere will let you do this, in Apache Tomcat there is just no way. You can try some other workaround that uses the Servlet Filter class to do what you want it to do.
Each Unix-based (I just call them Unix based since these new OS now were non existent at the time that only Unix and later on Linux were around) OS has a package manager command that will do the downloading and installation of the package specified. If you want to do installations the old fashion way … downloading the file, extracting and moving it to the desired location it’s still pretty easy for say, Apache Tomcat 6 Server. Do the following steps.