[snip] Craig, >Owen's last point is the key one. You should use some form of session >management to do this, and there are many options for that. For your "CGI" >idea, you'll need to write your own authentication handler for files in that >directory, written as a module, of course. At that point, session management >starts to look a whole lot easier. Thanks, Craig. I'm a newbie to Apache, but I've written a script that already functions as an "authentication handler" when I point my browser directly to it. The problem was to get it invoked automatically before any other files. I was not expecting to write a module. Judging from that and from the technical detail you supplied, I don't think I should go there just yet. I have no idea what "session management" is. Where can I find info on that? >[Warning! Nitpicky technical details follow!] [snip] Thanks again, Drew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx