I have a zope server distributing files (eg microsoft word files). These files are templates and should not be editable in place by users using webdav. I want them to download them, edit them on their computer, and then upload the modified document through a web form, which will place the modified document in a new folder. This works fine on linux / osx / etc across many browsers. I am also using CookieCrumbler for authentication. On Windows computers running IE, however, when a user clicks on one of the documents, the basic authentication dialog appears even though they have been authenticated already with cookie crumbler. I've read that you can serve these documents over the webdav src port to work around this, because webdav doesn't understand cookies. I haven't tried it yet because authentication is not my primary concern. As I understand it, webdav is used so that effectively users can edit documents in place. I want to prevent this. What is the right way to achieve this? I was hopeful that by changing the "WebDAV access" and related webdav permissions so that the users don't have permission to do this I could circumvent the problem. This may ultimately work, but I still get the basic authentication dialog. Perhaps if I serve it over the webdav port and remove webdav permissions in the securities tab I can get everything I want, which is: users have read only access to the document and authentication is with cookie crumbler. I hate it when computers try and be helpful. Suggestions, please. Thanks, John Hunter zope 2.7