Okay, I think I know what is causing the trouble. I found one thing that did not quit work the way the zope docs said. You should be able to *not* include the domain name in the access file (eq superuser:123) I finally got to the point (agian) where I kept getting the failed authorization. Except this time when I clicked cancel I did not get the message that there was no Authorization header found. Instead it said the username and password supplied were incorrect. So I went back into the /var/local/Zope/access file and changed it to rwcanary:xxxxx:*.ohiocounty.net and it WORKED! Now how did I get to that point? First everything belongs to owner and group nobody. With wide open rwx (I'll tighten the security tommorow). Also it seems that Zope must have its own directory. I moved the Zope.cgi to "/home/httpd/cgi-bin/Zope/Zope.cgi" I haven't seen any reference to this in the docs, please correct me if I wrong. The Apache is configured as follows: /etc/httpd/conf/access.conf......... <Directory /home/httpd/cgi-bin/Zope> Options ExecCGI </Directory> /etc/httpd/conf/httpd.conf............ RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^/cgi-bin/Zope/(.*) /home/httpd/cgi-bin/Zope/$1 [e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l] /etc/httpd/conf/srm.conf........... ScriptAlias /cgi-bin/Zope/ /home/httpd/cgi-bin/Zope/ This is Apache-modperl-1.3.6 and Zope-1.09 For the record and archives I am pasting what a succesfull rewrite log should look like: (2) init rewrite engine with requested uri /cgi-bin/Zope/Zope.cgi/manage (3) applying pattern '^/cgi-bin/Zope/(.*)' to uri '/cgi-bin/Zope/Zope.cgi/manage' (4) RewriteCond: input='Basic c3VwZXJ1c2VyOjEyMw==' pattern='^(.*)' => matched (2) rewrite /cgi-bin/Zope/Zope.cgi/manage -> /home/httpd/cgi-bin/Zope/Zope.cgi/manage (5) setting env variable 'HTTP_CGI_AUTHORIZATION' to 'Basic c3VwZXJ1c2VyOjEyMw==' (2) remember /home/httpd/cgi-bin/Zope/Zope.cgi/manage to have MIME-type 'application/x-httpd-cgi' (2) local path result: /home/httpd/cgi-bin/Zope/Zope.cgi/manage (1) go-ahead with /home/httpd/cgi-bin/Zope/Zope.cgi/manage [OK] (1) force filename /home/httpd/cgi-bin/Zope/Zope.cgi to have MIME-type 'application/x-httpd-cgi' (2) init rewrite engine with requested uri /manage (3) applying pattern '^/cgi-bin/Zope/(.*)' to uri '/manage' (1) pass through /manage I have one question? After I log onto the "/Zope.cgi/manage" I can exit and then go backto /Zope/Zope.cgi/manage it goes directly to it. It does not ask me for a username and password anymore. Why? -- robert canary system services OhioCounty.Net rwcanary@ohiocounty.net (270)298-9331 Office (270)298-7449 Fax