Hi, Please can anybody help me out. I have a problem with security in my application. I have a secured page which is also running on ssl. I configured form-login declarative security for the secured page. My problem is with IE and URL rewriting. IE cannot open the form-login-page, when it finally breaks I get the "The page cannot be displayed" error message with address pointing to https://uche:8080/BA/login.jsp. I expect a url of https://uche:88443/BritishAirways/login.jsp. Using Netscape everything works normal and the login.jsp page is displayed running on https protocol, but it seems tomcat is using url-rewriting to maintain session because the address bar reads. https://uche:8443/BA/login.jsp;jsessionid=19C4EABCDE223612E674F9B08B2D638D. When I enter a correct login information I get a blank page.