This seems to be a problem associated with wrong cookie. If you look into the j_security_check call you will see LTPA [most probably by the name LTPA2] cookies going with it. The cookie contains id of user 'wasadmin'. If you remove this cookie from request the problem will go away. Are you using local file based authentication?
- Ajitabh