login servlet ? how with static based site ?

[Filippos Slavik]

Hello there,   I'm missing something and I'd like you guys to answer me the following question:   I know how to write a login servet that authenticates users and on successful login, this very serlvet redirects to "other servlets". Offcourse when a "evil" user manually points his browser to the "other servlets", without passing through the login servlet, the "other servlets" redirects the user to the login user. This is understood and I have no problem. My situation is somehow different: I have a customer with a running http server. His site is 100% static pages based. He want's to add membership feature to his site. My first thought was to create a login servlet, which on successful login would redirect to his html files. On a second though this completely illegal, since a "evil" user could point directly his browser to the static html files. I think the solution would be easy, if i could force his http server on each file access to pass this request through a servlet (for example a fileaccess?URL=<file URL>). Is this possible ? If it's possible and since the customer uses Apache, is the apache's rewrite module capable of doing that ? If so, a example would greatly help me.    Best Regards Filippos Slavik     ################################################################    Filippos Slavik    Part of the SIAMS's implementation development team. For more    information, please check http://www.siams.net      e-mail : [EMAIL PROTECTED]    ################################################################    "The software said 'runs on Win95 or better,' so I installed   it on Linux..."