The login process doesn't go through the normal dispatching channels for
J2EE. The login page isn't (and CAN'T be) explicitly invoked by a URL. Instead, it's referenced directly by the webapp server as an internal resource.
As a result, there's no real guarantee that a login page that depends on a servlet-based framework such as JSF or
Struts will be routed through their respective controller
servlets. And since the FacesContext is created on a per-request basis by the FacesServlet, anything that doesn't go through FacesServlet will fail.
You have an even bigger problem, however. Like I said, the login page is invoked by the
webapp server. That means that the
webapp server is handling the login, not your application. You cannot invoke a custom login function using JSP, JSF,
etc.. All the login/loginfail pages do is present a place to input userid and password. When you click the submit button, these 2 fields are then passed to the appserver's internal login function where it will validate the credentials and set up the J2EE security context (UserPrincipal and related objects). Or present the loginfail page if the userid/password weren't valid.