Hi! If you make use of Tomcats web.xml and set appropriate security constraint (se http://www.servlets.com/jservlet2/examples/ch08/web.xml) in combination with the use of Session-objects, you should be able to do what you want to do, e.g. ask the user for a correct username and password.
Kind regards Jonas Hello I'm pretty sure this is a known issue, even though I didn't find much about it; I'm having a problem with authenticating users in TomCat. I have an IIS server to server static content and Tomcat to serve dynamic content, if users knows URL that goes directly to Tomcat then Tomcat wont even ask for use to enter his/her username and password while if user goes through first page of IIS (where it redirects to tomcat) IIS askes user for his/her username and password. How do I enable authentication at Tomcat so that even if users knows direct URL it would still ask him/her for his/her username and password? Thank you in advance --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]