hi, we´ve set up apache to rewrite http requests /w a virtual host monster configured at the zope root; authenticating via cookies works only within the page called first; to access other restricted pages, we have to authenticate again. without apache rewriting everything works o.k. -> seems like apache doesn´t leave the authentication to zope but catches the cookie so zope doesn´t know that the user is already authenticated?! -> my question: is this a rewrite, authentication or proxying issue within apache / does anybody have a fix? thank you a lot in adveance, oliver -- This is Linux Country. On a quiet night, you can hear Windows reboot