RE: [Zope] Question: user homepages
But surely the management interfaces use the user folder mechanism to authenticate (that, and checking for the superuser account), and the vanilla acl_users folder doesn't use cookies for authentication.
So the concept of raising Unauthorized to "log out" won't work very well with browsers -- if I understood the solution correctly it means you'll get a password dialog in your face when you hit "Logout". Not very elegant?
Not very elegant, but totally out of Zope's (or any other app or web server's) control. The client applies the rules outlined in the HTTP spec - if you send an unauthorized, you will get a password prompt; there is no other standard (or nonstandard) way to get a client to stop using its authentication token. If there were, it would be a huge security hole - it would be trivial to do auth spoofing...

Brian Lloyd        brian@digicool.com
Software Engineer  540.371.6909
Digital Creations  http://www.digicool.com
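The logout-by-401 behaviour discussed in this message, as an added example that is not part of the original thread and is not Zope's code: a minimal Python WSGI app whose `/logout` answers even valid Basic credentials with a fresh challenge. The account, realm, paths and the `request` driver are constructed for illustration.

```python
import base64
import hmac

USERS = {"alice": "s3cret"}   # constructed demo account
REALM = "demo"                # constructed realm name

def parse_basic(environ):
    """Return (user, password) from the Authorization header, or None."""
    scheme, _, token = environ.get("HTTP_AUTHORIZATION", "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None

def authenticated(creds):
    # Unknown users are rejected before comparing, so an empty password
    # can never match a missing account.
    if creds is None or creds[0] not in USERS:
        return False
    return hmac.compare_digest(USERS[creds[0]].encode(), creds[1].encode())

def challenge(start_response):
    # 401 plus WWW-Authenticate is the signal the message describes: the
    # client stops trusting its token and shows the password prompt.
    start_response("401 Unauthorized", [
        ("WWW-Authenticate", 'Basic realm="%s"' % REALM),
        ("Content-Type", "text/plain"),
    ])
    return [b"Authentication required\n"]

def app(environ, start_response):
    creds = parse_basic(environ)
    # /logout refuses even valid credentials: the server cannot revoke what
    # the browser holds, it can only reject it and re-challenge.
    if environ.get("PATH_INFO") == "/logout" or not authenticated(creds):
        return challenge(start_response)
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [("Hello, %s\n" % creds[0]).encode()]

def request(path, user=None, password=None):
    """Drive the app in-process; returns (status, headers) for inspection."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path}
    if user is not None:
        token = base64.b64encode(("%s:%s" % (user, password)).encode()).decode()
        environ["HTTP_AUTHORIZATION"] = "Basic " + token
    seen = {}
    app(environ, lambda s, h: seen.update(status=s, headers=dict(h)))
    return seen["status"], seen["headers"]
```

Calling `request("/logout", "alice", "s3cret")` returns the same 401 challenge as an unauthenticated request, which is why the user sees a password dialog on "Logout".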