I did a hack because as you say currently the examples only work for a particular "url"/file/resource.
I actually pass the resource given to me and store it within the login page as a hidden field. When the user submits username, password/etc this will come along too. Then if authenticated i redirect to that "resource" using "request:resource". This retrieves the resource parameter from the http request parameters object and off you go. My redirect looks like this, e.g. <map:redirect-to url="cocoon:/?action={request:resource}"> This then will work for any page in the site that you want protected. Note that I don't point to url's rather I have a single URL (the cocoon servlet and my app). cocoon:/ helps to establish that. I use action id's much like struts (I guess but the concept has been around much longer than struts.) pointing into metadata to help distinguish what page to show. But whether you use action id parameters or file url's this work. later, md --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]>