Hello everyone! I have been working on a site recently, and have come across a problem when using the UserDb product. Say I have a site as follows: + / + company - acl_users (UserDb) - index_html + events - index_html + members - index_html The data in the members folder is only accessible to users with the 'Members' role. The acl_users object, a UserDb instance contained in the company folder, contains login information for all the members of the site. When a user browses to /company/events/members, they get the login web form (I am using cookie-based auth.) The user logs in, and if all goes well, they arrive at the following URL: /company/events/members/events/members For some reason, UserDb or Zope is adding an extra events/members onto the URL. I can't figure out what I'm doing wrong. Also, the way my site works, I would like to allow the user to authenticate of their own accord, rather than wait until they try to access data they don't have permission to. This works better for a variety of reasons, on of which is because I can change the look of certain parts of the site based on their roles. To facilitate this, I'd like to put a button on my main screen that says "Login" when the user is not authenticated, and "Logout" when they are. I can make a link to /company/acl_users/docLogin and /company/acl_users/docLogout respectively, but I figure there's a better, more Zopish way to do this. Any ideas? I've got the button part figured out (ie. I can easily change what is shown on the page based on whether they are logged in or not), I just can't figure out where to send them when they click it. Any ideas? Thanks, jkh