Has anyone seen the following behaviour? If I set the UserDb to be in cookie mode and I access a page that I am unauthorized to view, I get the docLogin page. The docLogin page has a built in html header, and when it gets delivered the standard_html_header also gets included, so there are 2 headers. However, if a user is trying to access a document inside a folder that needs authorization, the user is unable to retrieve the standard_html_header, so they get an ugly page, lacking all of the header content I thought I would resolve this by adding the contents of the standard_html_header and footer to the docLogin, and then putting a special hack in standard_error_message that checks for a LoginRequired Exception, and skips the inclusion of the standard_html_header if serving the docLogin. However, as soon as I replace the top of the docLogin property of the UserDb, instead of sending the docLogin form, it raises the Unauthorized exception, which results in a username/password dialog box from netscape. With the header, by docLogin ends up being about 4200 bytes. Is there maybe a 4096bytes limit on the docLogin property? Has anyone else solved this problem? If so how. Please cc my own email account with your response. --sam -- -------------------------- Sam Gendler CTO, Impossible, Inc. 1222 State St. Suite 250 Santa Barbara, CA. 93101 p: 805-560-0508 f: 805-560-0608 c: 805-689-1191 e: sgendler@impossible.com