Looking for any ideas on the subject. Here is the situation. From server level I want to prevent pages from being served to clients who have not logged in. So someone cannot enter www.site.com/folder1/hiddenpage.html and see that page if they have not yet logged in. I know about Apache Basic Authorization, but we have a real nice login page and I do not want to make the user have to enter their uid and pw into an unsightly pop up window. Now , after a user logs in, ofcourse a session cookie is places on his browser, so can you configure apache to protect certain directories by checking for a session cookie. Any other ideas? Appreciate it, JB ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
