Hi all, I have a couple questions / misunderstandings that I hope you can help me with. The first is in regards to http BASIC authentication in a web application. Basically, I have done the following: (this is all within a particular application) META-INF/principals.xml <principals> <groups> <group name="admin"> <description>test</description> </group> </groups> <users> <user deactivated="false" password="admin" realname="Administrators" username="admin"> <group-membership group="admin" /> </user> </users> </principals> META-INF/application.xml . . . <security-role> <role-name>admin</role-name> </security-role> . . . web-app/WEB-INF/web.xml . . . <security-constraint> <web-resource-collection> <web-resource-name>Admin</web-resource-name> <url-pattern>/admin/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> </auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Administration</realm-name> </login-config> <security-role> <description>Administrators</description> <role-name>admin</role-name> </security-role> . . . Now, when I attempt to browse to http://localhost/test/admin (test is the app dir mapping) I get the following In Netscape 4.6, 4.7, and 4.72, everything works as expected, I get the login prompt, type in the information, and It grants me access to the page In Netscape 6pr1 I simply get 401 Unauthorized (with no attempt by the browser to allow me to log in) In IE 5 I get the samy 401 Unauthorized error as in Netscape 6pr1, again with no attempt to log me in. Could someone point me to the CORRECT way to implement BASIC authentication on a url-pattern? I must be doing something wrong because I have implemented this successfully in the past (0.8.x) but have been unable to do it now. Thanks again, Jeff