This is not directly a zope-question, but maybe someone has figured out how to solve this. I'm using apache with mod_rewrite to redirect requests for a certain directory from apache to zope (with option [p]). Now for the first time I can't get apache to do want I want it to, that is logging the usernames into apaches logfile. Apache does this only when enabling apache's mod_auth via <Directory Proxy:*> AuthType Basic AuthName "Ihr Login..." AuthUserFile "/httproot/web/bogus_userfile.txt" require valid-user </Directory> or similar, but the silly thing then also wants his own authentication. I am not able to get it to extract the username without really requiring apache authentication. Does anybody know how I could accomplish that? Any dirty tricks to get apache to *think* it authentifies, but letting through every username/password combination, so that zope can do it's job? And no, putting any of this combinations in bogus_userfile.txt is not an option ;->. Another possibility (which gets me more on-topic) is to do that in medusas http_server (which logs a '-' hardcoded), but the only way I could imagine (and code myself) would be to do the base64-decoding there and that seems not quite elegant, even more because apache's log-files hold the client-ip in this situation and therefore are more informative anyway. cheers, oliver