I am using authentication to do something similar to the "Edit This Page" functionality that Dave Winer et al have done with the Frontier newsgroups. Now the vast majority of it is simple -- I use this DTML snippet on my front page (/zope/personalWebLog): <dtml-if "AUTHENTICATED_USER.has_role('Manager')"> Hello, <dtml-var AUTHENTICATED_USER>. You may <a href="/zope/manage">edit</a>. <dtml-else> <form action="login" method="post"> <input type="submit" name="submit" value="login"> <input type="hidden" name="redirect" value="/zope/personalWebLog"> </form> </dtml-if> which references a dtml method called "login" which contains: <dtml-call "RESPONSE.redirect(_['redirect'])"> ...and I massage the permissions on "login" so that it forces the user to provide authentication information via the standard username/password dialog that browsers use. It _mostly_ works as intended. If the person connecting to the web page isn't a manager, they get a "login" button. If they are, they get a greeting and a quick link to the Zope management screen. I'm running Zope at home, and it all works fine if I'm connecting from work. I hit the login button, it prompts for my username and password, and redirects back to my main page, displaying the nice greeting and the link. However, when I try to login from home, it displays the dialog fine, and I supply the right username and password, but when it redirects, it goes back to the page with the "login" button. Strangely enough, if I type the "manage" URL manually, it goes right in without prompting for a username and password, so obviously the authentication tokens are getting passed properly. And when I return to the page _after_ going to the management screen, it displays the greeting and the link. I used to think I had a clue about Zope Zen, no I'm not so sure. Particulars: Zope is running on a Linux machine at home, and I'm also using Linux at work, and using Netscape Navigator 4.61 to connect to the web page, at hame and at work. And I'm using Zope 2.0.1. I thought this was a caching problem, but it shows up even after I clear the cache. dave (pleading for enlightenment)