Java EE (Java Enterprise Edition) General Discussion

I have a JSF login page with three components: textfield with username, password field and a
language selection combo box.

Depending on language selection the BIDI value of the form is changed (rtl or ltr)

<h:form id="loginForm" dir="#{loginManager.textDirection}">

and by using a ressource bundle the page text is also shown in the correct language. So far so good ...

I would like to use the page in conjunction with container security, therefore I added a realm to the appserver
(glassfish). A basic test with a JSP page e.g. a plain HTML form submit showed that this the call to
"j_security_check" is working.

But how can I use "j_security_check" from my internationalized JSF login page now?

According to various resources on the web I should use Tomahawk to enforce the correct id:

<t:inputText id="j_username" styleClass="useridField" forceId="true" title="#{resourceBundle.userid_tooltip}" size="40" maxlength="80"></t:inputText>

and in the backing bean action connected with the login button I try to forward to "j_security_check":

public String authenticate() throws IOException, ServletException {
ExternalContext ectx =
FacesContext.getCurrentInstance().getExternalContext();
HttpServletRequest request =
(HttpServletRequest)ectx.getRequest();
HttpServletResponse response =
(HttpServletResponse)ectx.getResponse();
RequestDispatcher dispatcher =
request.getRequestDispatcher("j_security_check");
dispatcher.forward(request,response);
return null;
}

But I always get a "PWC1227: Cannot forward after response has been committed".

Whats the best way to use "j_security_check" together with a working JSF?