1. Where does the user request will be re-directed after the j_security_check servlet has finshed ?

See, if you have accessed a protected page say xxx.jsp, then j_security_check came in to action and ask the user his userid and password by displaying login page. If user is successfully authenticated, xxx.jsp will be served otherwise the default login-error page which is mentioned in web.xml will be displayed.

2. How do you know the user_name and password once the j_security_check is successful ?

Once the user is successfully authenticated and authorized, the j_security_check servlet will store the user data in side the request object.
The user name will be obtained by request.getRemoteUser() method.
request.isUserInRole("ADMIN"); method can be used whether the user is in a particular role or not.
Other methods useful are : request.getUserPrincipal(); request.getAuthType();

3. what?s the difference between Authentication and authorization?

4. what are different Authentication Options available in servlets?

5. How do we practically implement form based authentication?