itcuties/JSF2-Login-Filter-Example — reverse-engineered prompt

Build me a small Java web app that demonstrates how to protect JSF 2 pages with a Java EE servlet filter. I want a simple public home page and login page, then a few protected pages under a secured area. If someone tries to open anything in that secured area without being logged in, send them back to the login page. After a valid login, keep the user in the session and let them view the secured page. If the login is wrong, show a clear message and keep them on the login screen.

Keep it as a simple Maven project that I can run on a normal Java EE compatible server. Use plain JSF pages and a straightforward filter so it is easy to understand as a learning example. Add a basic logout link if it fits naturally, and include brief run instructions in the README. Look up current docs online if you need to.