Hi,
If you define a <security-constraint> element, you must define a <login-config> element, otherwise the container will throw a NullPointerException (in
Tomcat 5.0.28).
I don't know if it depends of container implementation or if it is the default behaviour.
Regards,
Rodrigo
SCJA, SCJP, SCJD, SCWCD, SCBCD5, SCDJWS, SCEA5