Thank you, that is enough for now.
How about the servlet filter not working before the login?
And we use a servlet filter that should filter every (literally every) request, as it checks the authentication. It works for all requests after the login, but not for the original login itself (http://localhost:8095/crowd/console/login.action) or the base-url (http://localhost:8095/crowd)
It worked before with older versions of crowd.
<servlet-filter name="xxx"
key="xxx"
class="xxx"
location="before-login" >
<description>xxx</description>
<url-pattern>*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</servlet-filter>