Bug in object security?
I've encountered a strange behavior with the Zope security mechanism which strikes me as a bug. Here is what I've done:

1. Create a folder in root named 'AccessTest'
2. Create a user folder in AccessTest
3. Define a role for AccessTest called 'Publisher'
4. Create a user in the acl_users directory and grant the user 'Publisher' access
5. From the AccessTest security tab, disable 'Access contents information' for anyone except the manager.
6. From the AccessTest security tab, enable 'View management screens' for Manager and Publisher.

From a fresh browser (no previous authentication), attempt to access the management interface for AccessTest (i.e. http://foo.com:8080/AccessTest/manage). Log in as the 'Publisher' user. The screen displaying the contents of the AccessFolder will be displayed.

However, this is where I think a mistake has been made. In ObjectManager, the 'View management screens' permission has been associated with manage_main and manage_menu. Similarly, ObjectManager defines the 'Access contents information' permission for the methods objectIds, objectValues and objectItems. When I disable 'Access contents information' for my Publisher role, it would seem that users with this role should not be able to access these methods. However, the manage_main dtml code which defines the contents view of the management interface makes use of these methods. When the manage_main dtml is rendered, why doesn't Zope prompt for authentication when manage_main attempts to access objectItems, for example?

I'm sure there is a very reasonable explanation, but it strikes me as odd.

Thanks.

James W. Howe
mailto:jwh@allencreek.com
Allen Creek Software, Inc.
pgpkey: http://ic.net/~jwh/pgpkey.html
Ann Arbor, MI 48103
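The following is an added example, not part of the original post and not Zope's own code. It models the permission-to-method mapping and role grants the post describes (ObjectManager's 'View management screens' on manage_main/manage_menu, 'Access contents information' on objectIds/objectValues/objectItems, and the Security-tab settings from steps 5 and 6) so the two kinds of access can be compared: a URL-style call that goes through the role check, and an internal call made by manage_main itself, which is a direct Python method call and consults no permission. Names such as SecuredObject, check_permission, traverse and Unauthorized are assumptions made for this example; the sample folder contents are constructed.

```python
# Toy model of a Zope-style permission/role check (added illustration, not Zope code).
# Assumed names: Unauthorized, METHOD_PERMISSIONS, User, SecuredObject,
# check_permission, traverse, build_access_test, denied.


class Unauthorized(Exception):
    """Raised when a role-based permission check fails on external access."""


# Method -> permission, mirroring what ObjectManager declares (from the post).
METHOD_PERMISSIONS = {
    "manage_main": "View management screens",
    "manage_menu": "View management screens",
    "objectIds": "Access contents information",
    "objectValues": "Access contents information",
    "objectItems": "Access contents information",
}


class User:
    def __init__(self, name, roles):
        self.name = name
        self.roles = frozenset(roles)


class SecuredObject:
    """A folder with per-permission role settings, like the Security tab."""

    def __init__(self, contents, permission_roles):
        self._contents = dict(contents)
        # permission name -> roles allowed to exercise it
        self.permission_roles = {
            perm: frozenset(roles) for perm, roles in permission_roles.items()
        }

    def objectIds(self):
        return list(self._contents)

    def objectValues(self):
        return list(self._contents.values())

    def objectItems(self):
        return list(self._contents.items())

    def manage_main(self):
        # Internal call: trusted code invoking objectItems directly.
        # No permission check is consulted on this path; only the entry
        # point (manage_main itself) was checked by traverse() below.
        return "Contents: " + ", ".join(name for name, _ in self.objectItems())


def check_permission(user, obj, method):
    """True if one of the user's roles holds the permission guarding `method`."""
    perm = METHOD_PERMISSIONS.get(method)
    if perm is None:
        return False  # unmapped method: treat as private
    return bool(user.roles & obj.permission_roles.get(perm, frozenset()))


def traverse(user, obj, method):
    """URL-style access: the role check runs before the method is called."""
    if not check_permission(user, obj, method):
        raise Unauthorized(
            f"{user.name} lacks '{METHOD_PERMISSIONS.get(method)}' for {method}"
        )
    return getattr(obj, method)()


def denied(user, obj, method):
    """Helper: True if URL-style access to `method` raises Unauthorized."""
    try:
        traverse(user, obj, method)
    except Unauthorized:
        return True
    return False


def build_access_test():
    """The AccessTest folder configured as in steps 5 and 6 (constructed contents)."""
    return SecuredObject(
        contents={"index_html": "<html>", "data": "..."},
        permission_roles={
            "View management screens": {"Manager", "Publisher"},
            "Access contents information": {"Manager"},
        },
    )


if __name__ == "__main__":
    folder = build_access_test()
    publisher = User("publisher", ["Publisher"])
    manager = User("manager", ["Manager"])
    print(traverse(publisher, folder, "manage_main"))     # allowed: entry point permitted
    print(denied(publisher, folder, "objectItems"))        # True: direct URL access denied
    print(denied(manager, folder, "objectItems"))          # False: Manager holds the permission
```

The model makes the asymmetry in the post visible: the Publisher can reach manage_main because only the entry point's permission is checked on the way in, while a direct request for objectItems is refused. Whether real Zope checks internal calls from filesystem DTML is exactly the question the post raises; this example only assumes the check is applied at the point of external access.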