hello: for my zope, the root directory is protected so that anonymous users have no permissions. in addition to root, two other users are defined and given the role 'internal'. one of the users has a username/password. the other allows access based upon IP range. this works as intended. i now want to give anonymous users permission to access /subfolder/index_html. this dtml method accesses a database and uses LocalFS. my first attempt to realize this was to assign the appropriate permissions to Anonymous for index_html. when this failed, i went to the /subfolder security and modified permissions there that seemed relevant. i tried many combinations until finally giving up and granting all available permissions to Anonymous at the /subfolder and /subfolder/index_html levels. so now, all permissions are checked for 'acquire' and for 'Anonymous'. even this does not work! users attempting to access http://myzope/subfolder/index_html are greeted with an authentication dialog. so, despite the fact that security seems to be a pretty simple concept i seem to be missing something fundamental. any insight would be appreciated. thanks, bac