Java Servlets, JAX-RS - Having problems getting forms based authentication working

I'm using JAX-RS Jersey as my controller and the JSP's for my view. Here is an example:

@Path("/")
@Stateless
public class HomeController {

    @Context
    private HttpServletRequest request;

    @EJB
    private EmployeeServiceLocal employeeService;

    @GET
    public Viewable getHomePage() {
        Employee employee = employeeService.getEmployeeById(1);
        request.setAttribute("employee", employee);
        return new Viewable("/home.jsp", null);
    }
}

Everything has been running fine and dandy until I tried to implement authentication using JAAS. I believe what is happening is that my filter's are preventing the server from processing my j_security_check request (I'm using form based authentication with a jdbcRealm). The reason I believe this is because I'm getting the error below when submitting my login form:

The requested resource () is not available.

Does this make sense? How can I get my filter to not be applied to /j_security_check?

Here is my filter configuration in web.xml

<filter>
  <filter-name>Jersey Filter</filter-name>
  <filter-class>com.sun.jersey.spi.container.servlet.ServletContainer</filter-class>
  <init-param>
    <param-name>com.sun.jersey.config.feature.Redirect</param-name>
    <param-value>true</param-value>
  </init-param>
  <init-param>
    <param-name>com.sun.jersey.config.property.packages</param-name>
    <param-value>cheetah.frontend.controllers</param-value>
  </init-param>
  <!-- pass to next filter if Jersey/App returns 404 -->
  <init-param>
    <param-name>com.sun.jersey.config.feature.FilterForwardOn404</param-name>
    <param-value>true</param-value>
  </init-param>
  <!-- match regex to determine if Jersey/App is invoked or pass to next filter -->
  <init-param>
    <param-name>com.sun.jersey.config.property.WebPageContentRegex</param-name>
    <param-value>/(images|css|jsp)/.*</param-value>
  </init-param>
</filter>

<filter-mapping>
  <filter-name>Jersey Filter</filter-name>
  <url-pattern>/*</url-pat开发者_JS百科tern>
</filter-mapping>

Thanks for any help.

A similar code worked for me in GlassFish (the appserver does not even pass the j_security_check call down to the servlet and handles it on its own). Did you include login config and set the auth security constraint in your web.xml? Which appserver are you using?