Ah yes, something like the client's IP address would make sense. I will have to think on what information we would like to include, but at least now I know that what I want is indeed possible :)
And you are right, those 3 levels of protection should be sufficient, but I am still missing one of the levels in my implementation (client specific info). So I guess I will have to decide if I really need that, or that the other 2 levels are sufficient protection. ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=3060357
