Don't always redirect if user isn't authenticated Only redirect a user if he is accessing the redirect url (FLYS.html by default). In other cases only send a 403 Forbidden to indicate that a user isn't allowed to access the url. Should improve flys/issue856 (Timeout in der Authentifizierung führt zu Fehlern)

<?xml version="1.0" encoding="UTF-8" ?>
<datacage>
    <user>SA</user>
    <password/>
    <driver>org.h2.Driver</driver>
    <url>jdbc:h2:${artifacts.config.dir}/../h2/datacage</url>
</datacage>