Hi all,
Just consider there's a site and there are different types of users(roles) all have access to their respective set of pages in that site.Now,can anyone throw more light on how i could have a "front" servlet sitting on the web server which traps the url requested and based on which user is requesting the page,and then grant or refuse access to that page without having a login page for each restricted page.Information on any web server is welcome.

You can create aliases for the servlets. Map all the servlets in the web server to the same intercepting servlet. Do checks over here. If you can find out the alias name with which this interception servlet is activated, decide which servlet has to respond actually. This will solve the problem. This is a thought. I am not sure whether it is possible to find out the alias name of a servlet inside doGet/doPost methods.

Let me know if it works.

thanks for the response.I guess ill have o be more specific.The problem i have with such a servlet is like this:say edit.jsp is supposed to be accessed only by user type admin.we can store the info in a session obj during login and this servlet can query what type of user he is.now if its authenticated,this servlet has to redirect the rewuest to the edit.jsp page.But in the web server,ive already specified that requests for edit.jsp and a group of some other files must be handled by this interception servlet.So when it redirects it goes into an infinite loop because that request is also intercepted by this servlet in a recursive way.Hope you get my point.Any solutions.Please do reply.Its somewhat urgent.thanks
ciao,
capuccino