I am trying to setup access to my zope server so there is anonymous (but domain-restricted) access to folders except for those which have user list in acl_users. I have tried the followng setting this up so that AnonDomain is a role and AnonDomainUser is a user in the root acl_users with role=AnonDomain and an empty password. I then turn off all Anonymous role permissions and move them to the AnonDomain role on the root folder security tab. Then in /Projects/TestProject, I have a whole set of users. There is no anonymous access to TestProject. When someone from the right domain brings up the root folder, they match to AnonDomainUser but when they try to bring up TestProject, their username and password are consistently rejected (even though they are correct). (Note: correct users are part of the Developer role which does have the correct permissions.) If I then go back to the security panel of the root folder and give the Anonymous role just the capability to view, they can then login properly and access TestProject, but then I have lost the domain filtering on anonymous viewers. Has anyone out there got both anonymous domain restricted access and user authentication on certain directories? Does anyone have any idea why this isn't working for me? Thanks. -- Guy Davis mailto:davis@arc.ab.ca (403) 210-5334 Alberta Research Council