Jim Fulton wrote: > > - Always start browsing with a page (e.g. /@@manage) that requires > authentication. > This works if your browser always presents credentials after being > challenged > once. Some (lame) browsers only send credentials when challenged. FWIW, Cookie-based auth gets around this problem. cheers, Chris