Hi, I need to solve the following problem.... Given a web site, I need to authenticate in two leveles; a global and user level. ie accessing the web site (say www.abc.com) itself requires one authentication and then descending down to special areas I need to authenticate again. for example (www.abc.com/reports) For the first level, I'm using .htaccess with a Basic AuthType like AuthName global AuthType Basic <Limit> require valid-user </Limit> This allows a user to access a global area where no-good stuff is presented (ie less secure, think lobby of a company) I then would like to impose restrictions on various functionalities below that, but to avoid someone bypassing me, at any point in the tree, I'd like to check for two pieces of information; 1- Did you come in thru the front door? (ie show me the password for 'global' realm) 2- What is your username and password for this special area? I understand with mod_perl I can have multiple access control handlers....but before I get there, can I just use .htaccess to achieve this. For example, can I put two AuthName in my .htaccess such as AuthName global AuthName username AuthType Basic <limit> requrie valid-user </limit In fact the ultimate for me would be to inherit from parent node and simply add more AuthName down a tree...this way I can achieve N level. So I can manage 1- Did you come in thru the front door 2- Did you get to the engineering thru the offical door 3- Did you get to the testing area thru the official door 4- what is your username/password to access this equipment Sorry if the analogy is lame...but you get the idea... -- ======================================================================= Medi Montaseri, [EMAIL PROTECTED], 408-450-7114 Prepass Inc, IT/Operations, Software Eng. =======================================================================