http://jakarta.apache.com/tomcat - look for "Realms". If you're not using Tomcat, check the user documentation for your servlet container. If you'd like the actual spec, it's available on sun's web site. There's also a very good explaination of this mechanism to be found in "Java Servlet Programming" (Jason Hunter: O'Reilly) and "Java Server Pages" (Hans Bergsten: O'Reilly).
I simply refer to the books, myself - and the Tomcat site, of course. Tomcat gives you the ability to configure your Realms (and their associated users/roles) in three formats right out of the box. Those formats are: flat-file (XML), JDBC, JNDI (LDAP). If one of those does not suite your needs, you can "roll your own". Other application servers implementations may allow different ways to actually implement this (I don't think there is a standard wrt the "Realms" in Tomcat - however accessing the information for a "logged-in" user *is* specifically layed out in the servlet specification). Search java.sun.com for container-managed authentication :-) and check your servlet-container handbook/documentation. I can't recommend those books highly enough either. I think I reference the JSP book more than the servlet book for this particular topic though (just FYI). HTH, Eddie Jacob Hookom wrote: >Eddie, do you have a link for more? > >Jacob Hookom >Comprehensive Computer Science >University of Wisconsin, Eau Claire > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>