Hi, You can consider the following ways: 1) You can associate an action class for the page that requires a username and password. In that action class you can prompt for username and password. Have a separate action class for the urls that doesn't require login.
2). Have a query string appended to every URL (http://mydomain/mywebapp/myaction.do?login=NA) for the action that does not require login. And http://mydomain/mywebapp/myaction.do?login=REQUIRED). Map the urls that requires username and password to an action class and you can do the validation in this action class. You can specify the session time out in web.xml file for your web app.Refer the code snippet below. <session-config> <session-timeout>30</session-timeout> <!-- 30 minutes --> </session-config> HTH Ram Kumar. -----Original Message----- From: Charles Jordan [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 23, 2004 12:05 AM To: [EMAIL PROTECTED] Subject: user login authentication and session timeout I'm looking for examples or to be pointed in the right direction on how to achieve the following. I want my users to be able to access a mojority of my pages without having to login, but if they select a specific page a small login pop-up window would display which would require a valid user name and password. I also want the session to time-out after a period of time. Any ides? Charles (Allen) Jordan <[EMAIL PROTECTED]> System Administrator (407)771-8919 Convergys 285 International Parkway, Lake Mary, FL 32746-5007 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]