Thanks Thierry! You might consider adding this info to the guide, because it wasn't clear to me where Guards lived in the chain of calls. Thinking of the Resources and Guards as a tree helped make it clear.
One follow-up question: how can I have a Guard only care about certain requests? For example, I don't want to require credentials for GET requests. I have my own custom Guard that overrides the checkSecret() method, but I don't want the protected resources to require a username/password for GET. Thanks again, Mike ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=1335985
