How can I implement a password-protected servlet?
[The above technique uses browser-based authentication, which has the advantage that it's standard and well-supported across browsers, but the disadvantage of using an ugly dialog box with very little extra information. An alternate technique is to write a servlet or JSP that asks your user for his login information; this gives you a lot of control but can be tricky to implement correctly. Finally, there is FORM-based login; see What is FORM based login and how do I use it? for details on this new spec-based functionality. -Alex]