I have written a Valve that logs all requests to my webapp. But requests to mywebapp/j_security_check don't show up.
Am I missing something, or is impossible? I understand that the call chain should be Valve > JAAS > Filter > Servlet, so those requests should be handled by my Valve.
I'm using Payara 5, Form-based authentication, GlassFishValve, and WEB-INF contains a glassfish-web.xml containing
<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD
GlassFish Application Server 3.1 Servlet 3.0//EN"
"http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<glassfish-web-app>
<valve name="requestlogger"
class-name="com.mycompany.mywebapp.web.RequestLogValve"/>
</glassfish-web-app>
(Btw, I'm upgrading from glassfish3 to payara5 and trying to trace down why logging in from a web browser works, but not from some other programs. Turning on 'Access Logging' in the Payara Admin Console shows the POST requests to mywebapp/j_security_check all right, but without any details).