Check out this link
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Security4.html#67530 Regards The standard J2EE web security does all the things you want. At 11:03 2002-03-28 -0800, you wrote: >Hi, > >I am running Win 2K advanced server, JDK 1.3, Tomcat 4.0 and struts framework. > >I would like to know whether there is an automatic way of transferring the >user to the login screen in the below given scenarios. >. The first time he enters the application. >. When the session variables expire. >. When an intruder tries to get into the application by typing an valid >URL without loging into the application. > >Thanks in advance > >Ryan Norman -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>