When I've done WebObjects applications, I've overridden the method pageWithName in session to return the login page if the cookie auth token was missing. Whats the good bottleneck in seaside for trapping a request for a page and replacing it with a login page so that I don't have to replicate the test for credentials everywhere? Thanks.