I've been experiencing two problems with cookies from Zope: 1) When I set a cookie with the path set to the root <dtml-call "RESPONSE.setCookie('account',AUTHENTICATED_USER,path='/')"> I'm still not able to click through to another hyperlink once I'm logged in, i.e., I've used www.ddi.nl/support to go the password protected Zope site, logged in as a customer, and from there I can choose other parts of the site (below .../support/). However, www.ddi.nl is an alias of www.datadistilleries.com (the actual name): as a result it asks me for the password again. I thought setting the path to '/' would convince Zope I'm authorized, but apparently it's not the case. 2) This might be related to 1. I've created a logout link on the .../support/index_html page, which looks as follows: <dtml-call "RESPONSE.expireCookie('account',path='/')"> <dtml-call "RESPONSE.redirect('http://www.datadistilleries.com/support.html?section=m6&envelope=6')"> However, once I've been redirected I can still access the password protected .../support/ site without Zope asking me for a login name. Now, I'm not 'cookie guru', so please don't tell me how stupid it is of me that I didn't think of this or that to make it work. I did do my background research homework though! Thanks for reading this far ;-). RCR _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.