(keep replies on the list, more people can help that way) Pete Taylor wrote:

thanks man. doing it that way has cleared up the security problem. i've run into others trying to access xml-rpc methods remotely (zope keeps passing the __roles__ checks back to the xmlrpc server, which says "i don't know what you're talking about", etc)

You'd have to give us more information if you want help with that, it sounds like something bizarre is happening that shouldn't ;-) cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk