What's the syntax and how do I get the current users name and password?
There's been at least once recent discusion on this list about that topic. A quick search will probably tell you more than you want to know. In short, though, the username can be gotten through the REQUEST object with AUTHENTICATED_USER. The password, however, is generally more difficult since it is (at best) restricted. If the passwords of your folder are not encrypted (check the encrypt_passwords property on your UserFolder, the default is no) you can try a 'user._getPassword()' where 'user' is a User object. That underscore makes it a private method, and Python Scripts won't allow it, but possibly you can get away with it in an External Method. If not, you can make a small change to the Zope source to allow it: in zope/lib/python/AccessControl/User.py in class SimpleUser add a method like def getPassword(self): """Return password in the clear.""" return self.__ # the password is stored in attribute named "underscore underscore" Then you can call it like container.REQUEST.AUTHENTICATED_USER.getPassword() in a Python Script or <dtml-with AUTHENTICATED_USER> <dtml-var getPassword> </dtml-with> in DTML. Others on this list can tell you why this might be a bad idea. A better idea might be to find a UserFolder which will do this for you or allow you to do it yourself. exUserFolder is always something to look at when dealing with user folders. You might also store your passwords parallel to the internal ones in an accessible place, but this is certainly an even worse idea than above. --jcc