Perhaps it's faster to explain how it works with the product code.
org.hippoecm.hst.core.container.SecurityValve#invoke(ValveContext) contains the following:
String formLoginPage = resolvedMount.getFormLoginPage();
// SNIP
if (authenticationRequired && !StringUtils.isBlank(formLoginPage)) {
try {
// SNIP
String formLoginURL = requestContext.getHstLinkCreator().create(formLoginPage, destLinkMount).toUrlForm(requestContext, true);
servletResponse.sendRedirect(formLoginURL);
return;
} catch (IOException ioe) {
// SNIP
}
}
So, I can think of some possibilities you can suspect:
- your mount has a specific form login page url property (@hst:formloginpage) with '/site',
- or your hst host/mount configurations have somethings. For example, @hst:showcontextpath can be overridden in mount level,
- or url rewriting occurs in reverse proxy level,
- ...
Regards,
Woonsan