Tomcat behind Apache HTTP server using Spring Security
Since I have been struggling with applications not working properly behind Apache HTTP server that use Spring Security I dedicated this blog to this issue. When you develop an application using Spring security this works fine when just running on a Tomcat server e.g. http://localhost:8080/app-context/. The problems start when you want to setup your environment properly by adding an Apache HTTP server in front of it using proxy AJP. You would start by adding the following to your apache config file: ProxyPass /app-context/ ajp://localhost:8009/app-context/ This works fine when trying to go to http://servername/app-context/ but when you try to login you will be redirected back to the login page everytime. To avoid this behavior you need to add the following line to your Apache configuration: ProxyPass /app-context/j_spring_security_check ajp://localhost:8009/app-context/j_spring_security_check For some reason it doesn't work without this line which seems weird to me since you basical