Dear tomcat users, Can you please guide me how to let tomcat know that I have changed user password in database (JDBCRealm, Tomcat 3.2.3, form based login). I am currently altering session variable j_password but I realize this is very tomcat 3.2.3 specific and can possibly not work with future versions. Is there something in servlet api that I have not seen? with best wishes, Taavi