Hello, I have this script (see below) set as an access rule for a folder. When it is run directly it prints out the correct user. But when it runs indirectly as an access rule (ie when accessing some other object in the folder, the user is always "Anonymous User". I am using Zope 2.8.6-final, python 2.3.5, win32. I am using simpleuserfolder and sessioncrumbler in part of the site, but it also happens with a regular user folder and normal http authentication. Thanks request=container.REQUEST the_user=_.SecurityGetUser().getUserName() print the_user context.audit_trail_sql(bigbird_user=the_user, \ request_form=request.form, \ request_url=request['ACTUAL_URL'], \ client_ip=request['REMOTE_ADDR']) return printed