*sigh* I know this topic has been posted before, but I can't seem to find a solution to using J2EE form-based security (in WLS6.0). In the wls sample app 'security' running under their ExamplesServer, a login request will post successfully to j_security_check, which I presume will consult the security node of the server & look up the user/password. Replicating the same code & running under my default server & domain, the <form method="POST" action="j_security_check"> leaves me at a 404 page error. Is there is something I'm missing? Perhaps in the way the different server instances? I'm actually loosing sleep over this... Thank you so much for your help!