Zopistas, I have a custom set of ZClasses all living together in a product I have created (a news folder where authors can post articles and photographs) but something strange is happening with authentication. If an author logs in to the Zope site root and selects my News folderish object for editing purposes, I can determine the AUTHENTICATED_USER variable and all is well. Like so -- http://my.zope.site/manage However, If the author comes into my ZClass directly, the AUTHENTICATED_USER variable still reports that they are anonymous - even though they are authorized and able to access (however you can see their user name in the left frame). Like so -- http://my.zope.site/news/manage If they visit the site root and re-visit the news folderish object then AUTHENTICATED_USER is set properly and all is well. I need it to work becuase I'm using AUTHENTICATED_USER to determine who is writing the articles and binding that information to another ZClass which contains a photograph, biography information and other tidbits of info. I'm having some difficulty grokking Zope Permissions, so if anyone has any thoughts, I would greatly appreciate it! (I did read the permissions chapter in the ZB - but the mappings in ZClasses are still reeeeaaalllly fuzzi to me). My understanding was that AUTHENTICATED_USER should be set by the closest acl_users folder up the tree. Thanks in advance, -Darin