When aspire is downloaded, Aspire uses http authentication to provide the concept of a user. When evaluating, this might be quite distracting. You can disable this. When it is disabled you will be able to access all of aspire's pages with out any authentication.
You will see configuration entries like this in the aspire.properties file.
#**************************************************************************
#********** Authorization/session management directives
#**************************************************************************
aspire.authentication.userAuthorization=no
aspire.authentication.verifyPageAccess=yes
aspire.sessionSupport.applySessionManagement=yes
aspire.sessionSupport.mainpage=\
/webapp/your-page-that-says-session-doesn't exist
request.aspire.sessionSupport.sessionSupportObject.className=\
com.ai.servlets.DefaultSessionSupport1
Turn off the following to disable http authentication
aspire.authentication.userAuthorization=no
aspire.authentication.verifyPageAccess=no
aspire.sessionSupport.applySessionManagement=no
Turning off userAuthorization will tell Aspire to stay off the HttpAuthentication. Turning verifyPageAccess to "no" will stop Aspire from checking security for each page. Turning of applySessionManagement will tell Aspire to create a session if one doesn't already exist.
Every page is now accessible with out a password. When that page is accessed, if there is no session a new session is established automatically. But if there is a session already, then aspire will use that session instead. This means you can create a jsp page outside aspire, and have that jsp page establish a login and then create a session. Aspire will then use that session. Only problem is when you don't use the application for some time or use a book mark then your session values would not have been established.
Because of that "session expiration" use this "open" mode during development as this allows access to every page with out any restrictions.
When you are willing to create your own login page outside of Aspire and manage the sessions, you still need to tell Aspire to redirect to a page when that session expires. Read the following to accomplish this
How to redirect when a session expires in Aspire for Build 20 and above
If you want to write your login web pages using Aspire itself then read the following
1. How to redirect when a session expires in Aspire for Build 20 and above