Hi, I'm trying to create an authorization scheme in Araneida. Basically whenever a location in my URL space is called I want to check whether the user is authorized and redirect to a login page if he isn't. I found this post on usenet: http://groups.google.com/group/comp.lang.lisp/browse_thread/thread/a6990567666934d2/12bca167849b64e9?lnk=gst&q=request-authorized-p&rnum=1&hl=en&fwc=2 According to this post, the generic function "request-authorized-p" is called for every request to determine whether a client is authorized. To test this, I've got: ============= snip ================== (defclass root-page-handler (araneida:handler) ()) (defmethod request-authorized-p ((araneida:handler root-page-handler) method request) (format t "not authorized")) (defmethod request-not-authorized ((araneida:handler root-page-handler) method request) (araneida:request-redirect request *login-urlstring*)) (defmethod handle-request-response ((araneida:handler root-page-handler) method request) (araneida:request-send-headers request) (araneida:html-stream (araneida:request-stream request) `(html (body (p "logged in"))))) (defparameter *root-page-handler-instance* (make-instance 'root-page-handler)) (araneida:install-handler (http-listener-handler *listener*) *root-page-handler-instance* *app-urlstring* t) ============= snip ================== So, I've got request-authorized-p on class root-page-handler. However, I find that this method is never called by Araneida; instead, handle-request-response is still called. What gives? What am I missing? Joubert