I'm working on a system to make medical records available via a web interface. It needs to make different levels of access available to different sorts of people (doctors, nurses, clerical staff) - a perfect match for Zope's roles. But I've encountered one rub: the web browser will be running on PC's sitting in various spots in the clinic's offices: the doctor's office, work areas, even examination rooms. There will be a different person sitting down at it every few minutes. But, with "Basic" authentication, once the web browser has your username/password in its clutches, it never lets go. We're dealing with medical records here, so it is a poor idea to leave a "logged in" browser sitting around in a public place. What I am looking for is a way to put in a "log out" option that stops short of killing and restarting the browser. Has anybody else figured out a way to do this? Thanks, jon Jonathan Corbet, Eklektix, Inc. corbet@eklektix.com