This is a whitepaper discussing insecure authentication control in J2EE implemented using sendRedirect().
You can download it from the following link: https://packetstormsecurity.com/files/download/119129/insecureauth-j2ee.pdf
Source: https://packetstormsecurity.com/files/119129/Insecure-Authentication-Control-In-J2EE.html