diff --git a/trunk/acct_mgr/web_ui.py b/trunk/acct_mgr/web_ui.py
--- a/trunk/acct_mgr/web_ui.py
+++ b/trunk/acct_mgr/web_ui.py
@@ -434,7 +434,7 @@
 
     def _do_login(self, req):
         if not req.remote_user:
-            req.redirect(self.env.abs_href())
+            req.redirect(req.abs_href())
         return auth.LoginModule._do_login(self, req)
 
     def _remote_user(self, req):
@@ -445,17 +445,6 @@
         if AccountManager(self.env).check_password(user, password):
             return user
         return None
-
-    def _redirect_back(self, req):
-        """Redirect the user back to the URL she came from."""
-        referer = self._referer(req)
-        if referer and not referer.startswith(req.base_url):
-            # don't redirect to external sites
-            referer = None
-        req.redirect(referer or self.env.abs_href())
-
-    def _referer(self, req):
-        return req.args.get('referer') or req.get_header('Referer')
 
     def enabled(self):
         # Users should disable the built-in authentication to use this one