Merrill's right, this technique absolutely won't work because the most it could do is get the username at the server, not the client.
Maybe if you're using IIS as your webserver, you could set the directory security to enforce NT authentication, then see if the request has any security-related headers. I believe this works OK in ASP, not sure if I've ever heard of anyone doing it with JSP. =========================================================================== To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
