Thank you the reply Ray.
OK I have done this already.
"successRedirect" => "https://ssldomainhome.com/mainhome.php",
"failRedirect" => "https://ssldomainhome.com/accessdeny.php",
I guess I have not explain the problem correctly.
With the code set like above, when I go to my homepage that has the login form embeded (www.ssldomainhome.com) and I login... I get access denied every time.
The only way to login successfully is to open my browser and point to homepage(ssldomainhome.com) and then I will login sucessfully.
Why is this happening and how do I fix this?