Here is the sequence of events:
1.From a JSP page a form is submitted to an IdP login page:
<form action="http://xxx" method="POST">
<input type="hidden" name="idp" id="idp" value="yyy">
<input type="submit" value="Login">
</form>
2.After login, the user gets redirected back to a page that says authenticated.
3.From that page, a form is automatically submitted to login the user into another site:
<head>
<script type="text/javascript">
function bodyOnloadHandler() {
document.forms[0].submit();}
</script>
</head>
<body onload="bodyOnloadHandler()">
<form action="/ccc/j_security_check" method="GET">
<input name="j_username" value="aaa" type="hidden">
<input name="j_password" value="bbb" type="hidden">
</form>
</body>
4.This brings up the correct URL and it works when browsing manually, but now I get the following error:
State HTTP 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser.
This will probably not be very helpful, but I found out what the problem was. There was a watchdog service that did not get a response, and kept on restarting Tomcat. It was not easy to notice this - Thanks Etienne.