I've been experimenting with apache and tried to do something I thought would be simple (as if anything with apache is simple!). All I want to do is require all users to log in using their id and passord when they first access apache. Once logged in I wanted them to have access without requiring additional authorization. I put the appropriate statements in httpd.conf in the apache root container and it worked. Everyone accessing the server sees a little box open and is required to enter their id and password to continue. However, it works too well. If a user then tries to access a link to the htdig directory that's symlinked from apache root they get another box popping up again requesting their id and password. I assume this is due to the symlink out of apache's root directory. How do I set this up so that a user is only asked once and not every time they go to a symlinked directory??? Gerry "The lyf so short, the craft so long to learne" Chaucer