Hi All, My web application is deployed on tomcat( 5.x) with apache ( ajp13). I have stored all static images on apache, I would like to know is there any want to prevent users from seeing those images without a valid session in tomcat( i.e. successful login in tomcat). Thanks, P