Hello, I've just deployed a JAAS module onto Tomcat 5.5.23 into the server/lib file to read a cookie and authenticate via that method for the url: localhost:8080/ucal. However one of the applications that I'm trying to log into currently has form-based authentication set in its web.xml: <login-config> <auth-method>FORM</auth-method> <realm-name>demo</realm-name> <form-login-config> <form-login-page>/docs/login/login.html</form-login-page> <form-error-page>/docs/login/error.html</form-error-page> </form-login-config> </login-config> This is causes an error in which the entire JAAS module is bypassed and so the resource remains locked up. I've commented this out and restarted Tomcat but if I click on the above link, I still get the form which I'm trying to bypass. I've set the following contraints in the tomcat/conf/web.xml: <security-constraint> <display-name>Bedework</display-name> <web-resource-collection> <web-resource-name>Bedework</web-resource-name> <description>Resource Calendars</description> <url-pattern>/ucal/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <description/> <role-name>*</role-name> </auth-constraint> </security-constraint> <security-role> <description>Administrators</description> <role-name>admin</role-name> </security-role> <security-role> <description>Users</description> <role-name>user</role-name> </security-role> I'd be grateful for any help or advice in getting my login module to work correctly. MTIA, Iain Iain Emsley