Still don't quite understand what your problem is.
Add this to your web.xml
:
<welcome-file-list>
<welcome-file>/login</welcome-file>
</welcome-file-list>
</web-app>
This ensures that if a user only types http://server:port
she is redirected to http://server:port/login
.
Now if you want that the user is also redirected to login if she types http://server:port/foobar.html
, what you call "random page", which does not exist then you need an HTTP status code mapping.
<error-page>
<error-code>404</error-code>
<location>/login</location>
</error-page>
If you want that the user must always first authenticate (i.e. go through /login
) first before any existing page is displayed you could use Spring Security for that. Example for simple basic-auth:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">
<!-- HTTP basic authentication in Spring Security -->
<http>
<intercept-url pattern="/*" access="ROLE_USER" />
<http-basic />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="password" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>