what version of zope are you running? some versions had a "shortcut" in the security mechanism that, while speeding things up a little, produces the symptoms you see. AFAIK this has been fixed a little while ago. 2.4.3 should not have this behavior anyore. jens On Friday, November 30, 2001, at 08:33 , Etienne Labuschagne wrote:
Hi there, This is what happens 1) User enters site (REQUEST.AUTHENTICATED_USER == "Anonymous User") 2) User logs in when accesing a "secure" page. (REQUEST.AUTHENTICATED_USER == "myUser") 3) User goes to page that is available for Anonymous Users but which is rendered differently for logged in users. Page must now render as if user is logged in, but does not because REQUEST.AUTHENTICATED_USER == "Anonymous User" again?? After doing some reading it seems as if this is a problem with the way HTML authentication works (Zope does not receive a browser authentication challenge or something like that). Is there a way around this other than using cookies or url mangling? Thanks Etienne