Ok. I've got SimpleUserFolder all setup and working properly (even authing users against a pgsql db which is cool). Since SUF only supports basic HTTP authentication and I need to have a login form and use cookies to properly authenticate users it was suggested that I use cookie crumbler. I've got that installed and I sort of see how it all works but I'm not sure how to proceed at the moment. Here's my folder structure:

/folder/foo/index_html (this is the ZPT I've created (I've also duplicated it as a dtml-document just in case I'm supposed to use a dtml-document instead of a ZPT to make this all happen) that has a form element in it so users can type in their username and password and login to the protected portion of the website)

/folder/foo/members (this is the protected portion of the website)

What I need to do is have users authenticate via the index_html page and be taken to www.foo.com/foo/members. Additionally I need to display a message to the user if their authentication fails (i.e. take them back to the index_html page and show them a msg that says the username and password entered is not valid, please try again).

I was told that if I add a cookie crumbler instance in the same folder as the acl_users folder (currently locate at /folder/foo/members/acl_users) basic HTTP authentication would be disabled and cookies would be used. There are very limited docs on this subject it seems.

How do I make this happen?