note sundialsvc4 <p> Well, one way to handle the authentication requirements of a web-site, in an LDAP-based intranet environment, is to simply let the web server protect the entire site. &nbsp; Both Apache and (especially...) IIS can do this. &nbsp; The web server has the magical means to determine <em>who</em> the requesting internal user is, and of course to distinguish internal users from outsiders. &nbsp; Unauthorized users simply can&rsquo;t reach the site at all. &nbsp; Furthermore, those that do, have available credentials that the CGI program can query if further authentication logic within the site needs to use it. &nbsp; (Internet users are automatically excluded.) </p><p> This is one key way in which &ldquo;intra-net&rdquo; web sites are able to play by very different and much-simplified rules, versus those of the &ldquo;wild and wooly&rdquo; Internet-at-large. &nbsp; If you simply want to restrict the entire site, you don&rsquo;t have to write protective logic into the site at all. &nbsp; The site is inside the fortress, and they&rsquo;re checking badges at the door, and there&rsquo;s no other way to get inside, and ... and that&rsquo;s <em>it.</em> &nbsp; (&ldquo;Schweet!&rdquo;) </p> 999753 999753