hiya, i'm working on a python product for zope, but running into some confusion with permissions. one of the entries in my __ac_permissions__ for my base python class is: ('Search Etailer Shop', ['productSearch'], ['Anonymous', 'Manager']), which i had hoped would allow anonymous clients to access the productSearch method. it still however prompts for a username/password when i first try to access the method. if i go into the security management interface of the instance of that product and without changing any settings hit 'Change', the permissions work as expected: anonymous can view the method. my class inherits from Folder which inherits from RoleManager. what am i missing? i've had a look through ZCatalog, which appears to do exactly the same for the 'Search ZCatalog' permission. thanks -d -- Adroit | Dyon Balding dyon@adroitnet.com.au Internet | http://www.adroitnet.com.au/ Solutions | work: +613 98888522, mobile: +61 0414992604