I'm using the Cookie Crumbler in conjuction with the Simple User Folder. Cookie Crumbler stuffs all the user data within a cookie called __ac (by default) as separate variables. session_data_manager, OTOH, has it's own _ZopeId cookie for session data. Is there any existing product that stores the authentication data in the session data instead of a separate cookie? Or is that just a bad idea? In my case, I would like the authentication data to expire at same time as the session data, and putting it into the session data reduces the number of cookies, plus does not retransmit the authentication data on each request. -- Andy Dustman PGP: 0x930B8AB6 @ .net http://dustman.net/andy "Cogito, ergo sum." -- Rene Descartes "I yam what I yam and that's all what I yam." -- Popeye