I am hitting a wall trying to implement my desired login architecture. What I want is this. A user wants to get to ProtectedPage.html, but I want to interpose a login-checking servlet, which forces the user to login if necessary, then sends them to the desired page after successfully login in. I am using the 'extended path' approach but the 'query parameter' approach could also be used to the same effect (and the same problems). The following works. User goes to http://server/servlet/GatewayServet/path/to/ProtectedPage.html I intercept this with my GatewayServet, forward() to a jsp page which does a login. Replies to the login with a second jsp page which confirms the login (I could probably eliminate this second page in the final version. This is mainly there to help me debug.) Then they press 'OK' which sends then back to: http://server/servlet/GatewayServet/path/to/ProtectedPage.html Notice that this is exactly the same URL that we started with. This feeds us back to the servlet, but this time it notices that the user has successfully logged in. All this works fine. Now the problem. If I try to use forward() to get to /path/to/ProtectedPage.html, it fails because static .html pages are not supported by forward. If, instead, I rename the target page to /path/to/ProtectedPage.jsp, and again try to use forward(), it will eventually hit a non-active source (a .gif or .html frame) and barf again. If it use sendRedirect() instead, then this gets us to the desired page, but the URL that appears in the user's browser is: http://server/path/to/ProtectedPage.html Notice that the GatewayServlet part has been eliminated. This is not what I want because the user could directly bookmark this page and get to it directly without going through the servlet guard. Other discussions on this list have indicated that this general approach works. What am I doing wrong??? cc
begin:vcard n:Cobb;Christopher tel;cell:703-909-7550 tel;fax:703-648-7475 tel;work:703-648-6725 x-mozilla-html:TRUE org:Powerhouse Technologies, Inc. adr:;;;;;; version:2.1 email;internet:[EMAIL PROTECTED] title:SW Architect fn:Christopher Cobb end:vcard
