Hi, Iam trying to use Zope as an App server (basically to provide an XML-RPC interface) for a certain application . I have a function called addFile in the External Method. def ext_addfile(self): ob=self.Files ob.manage_addFile("hello","hello") I created an external method call ext_addFile() Now I write my client using xml-rpc lib s=xmlrpclib.Server("<hostname>") s.ext_addFile() And this adds a file to my directory. This freaked me out. Because i was anonymous user and this shdnt happen. The next thing i did was create a python script of the same structure and called it addFile() ob=context.Files ob.manage_addFile("hello","hello") Now I run my client xml-rpc program s=xmlrpclib.Server("<hostname>") s.addFile() and its fiving me unauthorized as expected. So basically i dont know why is this happening. Is this due to some permission problems i have on the directory or External Methods, or something which iam totally missing. -- Phani Kumar Arava Grad Student 1560 Worthington Street Department Of Computer Science Columbus Ohio 43201 2015 Neil Avenue Ohio State University Columbus Ohio-43210 Contact: (614)-286-2618 URL : www.cse.ohio-state.edu/~arava/ mailto: arava.3@osu.edu,phani.arava@gmail.com, arava_phani@yahoo.com