no, my question wasn't whether request.getRemoteUser() returns null or not. HOW, specifically, does tomcat populate that information using the j_security_check and the security-constraint nodes in the web.xml???
__________________________________ Do you Yahoo!? Yahoo! Mail - More reliable, more storage, less spam http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]