What you're seeing is that your confidential guarantee is doing its job. It's redirecting on login, but there's no "not confidential" guarantee. So, the servlet container understands from your web.xml that it must redirect to https when login.html is accessed, but there's nothing to tell it to go back. However, if your login.html form goes to, say, ... /LoginServlet, you could redirect from there to http:// ... landingpage.jsp or something like that, and that should do the trick. In other words, you have to tell it to go back to http once, but after that, everything will be relative.
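
The redirect described above, as an added example that is not part of the original post. It assumes a Servlet 3.0 container with a configured realm, login form fields named `username` and `password`, and a plain-HTTP connector on port 8080.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example: mapped to /LoginServlet, the target of the login.html form.
public class LoginServlet extends HttpServlet {

    // Assumption: port of the container's plain-HTTP connector.
    private static final int HTTP_PORT = 8080;

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        try {
            // Servlet 3.0: authenticate against the container's realm.
            // Field names are assumptions about login.html.
            req.login(req.getParameter("username"), req.getParameter("password"));
        } catch (ServletException loginFailed) {
            // Relative target: stays on https, where the CONFIDENTIAL
            // constraint on login.html put the browser.
            resp.sendRedirect(req.getContextPath() + "/login.html");
            return;
        }
        resp.sendRedirect(plainHttpUrl(req, "/landingpage.jsp"));
    }

    // Builds the one absolute http:// URL that takes the browser off https.
    // The page is fixed in code; no request parameter chooses the target.
    static String plainHttpUrl(HttpServletRequest req, String page) {
        StringBuilder url = new StringBuilder("http://").append(req.getServerName());
        if (HTTP_PORT != 80) {
            url.append(':').append(HTTP_PORT);
        }
        // Links on the landing page can be relative and will stay on http.
        // A session cookie carrying the Secure flag is not sent by the
        // browser over http, so the session is only visible there if the
        // cookie was issued without that flag.
        return url.append(req.getContextPath()).append(page).toString();
    }
}
```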