I am using Tomcat as a standalone web server. Right now, I want to implement a custom authentication module to protect certain directories. Previously, we already did for the Netscape Enterprise Server 3.6, here are three changes we made in the obj.conf file in the NES server: Init funcs="cookie-auth,cookie-init,cookie-check" fn="load-modules" shlib="/opt/ns-wp/wp-solaris.so" Init cookie="WP_Cookie" fn="cookie-init" keyring="/opt/ns-wp/keyring.public" <Object name="default"> NameTrans from="/mydir/project" fn="assign-name" name="WP-Protect" NameTrans from="/mc-icons" fn="pfx2dir" dir="/usr/ns-home/ns-icons" <Object name="WP-Protect"> AuthTrans fn="cookie-auth" auth-type="basic" PathCheck login="https://www.password.mysite.com/login.cgi" fn="cookie-check" auth-type="basic" extfile=".wpauth" secfile="/opt/ns-wsl/userperm.db" </Object> How can I implement these changes in Tomcat? The biggest problem is NES is gone, we can't plug in Tomcat with NES server, so we have to configure Tomcat alone to implement authentication function. JN