Jon (and Mike), > But you need to cater for the people who hit the login page and then go > to lunch. Happens more frequently than you might think ;)
I recently switched to securityfilter. It's pretty much a drop-in replacement for Tomcat's authenticator, and does not suffer from the problem that you can't login unless you've attempted to access a protected resource. http://securityfilter.sourceforge.net -chris
signature.asc
Description: OpenPGP digital signature
