Hi Mark, currently it's pretty busy here, therefore I couldn't try your suggestion yet.
However, what I've tried so far is: I've subclassed *all* Authenticators from org.apache.catalina.authenticator(Digest, Form and SSL) since I thought that maybe some other Authenticator is being triggered since we're running SSL here, I've again patched Authenticator.properties, however, to no avail. I renamed catalina.jar to catalina5.0.28Patched.jar (after moving the original catalina.jar to some other directory), but this can't be the reason for this odd behaviour. I'll continue now with your suggestion an will keep you posted. Thanks again! Greg -- what's puzzlin' you, is the nature of my game
