This is all that is being invoked on the server from the time it's started to the time when I check the parameter values:
[Servlet.LOG]: /index.jsp: init // welcome page for the application
[Servlet.LOG]: /login/login.jsp: init // login page for the application
There is no special code in either page, index.jsp simply redirects to /faces/home.jsp, but is intercepted by the server since /faces/* is a protected resource, and redirected to /login/login.jsp instead.
login.jsp is your standard j_security_check form, exactly the same as in this other app which is working just fine.
Anyway, both pages are well out of the faces context...
I've messed around with everything I can think of and still,
httpRequest.getParameter("j_username")) and
httpRequest.getParameter("j_password") always return null.
Help me please :(