[Zope] HTTP authentication question

[jimherz@yahoo.com]

Hi all,

I have a site that achieves user authentication from a home page by
directing them to a restricted method causing the browser to pop up
its default authentication window, and redirecting them back to the
home page after a successful login.  From what I've read, the browser
will use HTTP authentication in this case.  

After the login takes place, I expect to be able to access the user
name from AUTHENTICATED_USER.getUserName().  I am able to access the
correct user name in some methods, but in others, the above method
produces 'Anonymous User'.  

I've read in other mailings that the HTTP authentication scheme will
only send authentication information for URLs that lie below the URL
which originally caused authentication to take place.  I've ensured
the methods in which I want to access AUTHENTICATED_USER.getUserName()
do, infact, lie below the URL which originally caused authentication
to take place.

Does anybody have information as to why
AUTHENTICATED_USER.getUserName() will produce different results
depending on where methods are accessed in the hierarchy - even if you
are below the URL that caused the original authentication?  Also if
somebody has ideas for a better login strategy, feel free to comment.

Thanks for the help