Greetings to all: I am making an application with jboss-seam, I have a problem with session handling of users. I am using a stateful session bean which is authenticating users from db. this bean has two fields in it username and password. on authentication I destroy the password and use username for the session tracking on JSF pages. In jsf pages i use JSTL tags to verify the user if he is logged in or not. Now my problems are: how can i restrict users from unauthorized access of pages. how can i redirect users to login page if their username does not exist in the session. how can i check if the form is submitted illeaglly. And in the last, am i following the right approach or there is a better way to do this in seam. i congrat gavin king on his great work and thank you all in advance. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3995834#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...