Hi, I'm having a problem with CookieCrumbler 1.24. I'm trying to use it with Zope 2.7.2, Python 2.3.4, and LDAPUserFolder 2.4beta3. I want CC to show my login.html when a user accesses a protected folder, but this doesn't happen; the basic auth dialog still pops up. I enter a username and password that authenticates correctly with my LDAP server and then my login.html shows up. On this page I have to enter a correct username, but then any gibberish in the password field will allow me to login; this basically means that the dialog box was doing the real login and this login.html wasn't doing much. I can then logout by clicking a link that calls a Python Script that calls logout() in CC (is this the correct way to logout? CC doesn't have any docs, so I perused its code and found logout()). But now when I try to access the folder again I get instantly logged out because I have code at the top of my index.html ZPT that detects if a session object exists, and if it doesn't it will logout the user. Since I've logged out, a session object does not exist. Basically, the login process is being completely bypassed and I'm hitting index.html directly. The correct login process that I have set up is as follows: 1) CC shows my login.html. 2) The user logs in, which calls index.py. 3) index.py creates a new session and then calls index.html This was working for some time before "something happened" and I am now seeing the above wrong behavior. What am I doing wrong? Thanks, Gordon