Here's something that comes to mind. It's certainly less than idea, however it would provide a fair work-around:
Create a directory and place a security-constraint on it. This directory would contain pages that did nothing but redirects. You would sit down and plan out from where your users could login, and where they should be sent to when they login from that page/url. Set your JSP/whatever pages up to redirect accordingly. You'd have a proliferation of files though - OR - how is this: Set up a page specifically with a security-constraint. Obviously the user in the above scenario will have to be led to the login by a link - this scenario would be no different. Your link would be dynamic and snag the request parameters out of the URL -- and tack one additional one on: the url you wish to redirect to once you authenticate. Now, your "let the user login" page would cause authentication to occur. Then they get to see the page/action/watever you pointed them to that caused the login to begin iwth. From THIS page/action/whatever you could get the parameter of where to send the user, and send them wherever you please - done deal. Why would this not work, Craig? (After following this for several days and mulling it over rather heavily, I see no reason it would not work, but, knowing you are far more knowledgable on this topic than am I, I expect there to be a reason :-) HTH someone - and is a viable option! Regards, Eddie P.S. - It would be portable too, I think! -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
