I'm currently using FORM based authentication in glassfish v2.1 to log users in and it works fine. I want to switch to ProgrammaticLogin and I want to be able to get the initially requested URL (i.e. before redirecting to login page) and use it in my programmatic login code so that the user is redirected back to the requested page after authentication.

I've seen the source code for j_security_check - in my case that's FormAuthenticator (catalina codebase) and it saves the initial request in a SavedRequest object in the session but that session is a StandardSession rather than HttpSession so there's no direct way to access it.

Or should I change the authentication mechanism from FORM to something else?

Thanks!