Hi, I noticed a strange behavior with JServ. The scenario is as follows.. I have two servlets zones viz. /servlets and /admin_servlets where admin_servlets is meant for admin purposes and hence the access is restricted. What happens is once by logging in as admin user any servlet in admin_servlets directory is loaded it can be accessed by the url */servlets/AnyAdminServlet although it is not present in /servlets.Which means now any user can play around with adminservlets. As a workaround I have limited the access by putting in "Allow from 127.0.0.1" But again this is not the solution I am looking for. Can anyone please throw some light on this issue. Thanks, Devesh. ---------------------------------------------------------------- To subscribe: [EMAIL PROTECTED] To unsubscribe: [EMAIL PROTECTED] Archives and Other: <http://java.apache.org/main/mail.html/> Problems?: [EMAIL PROTECTED]