Hi, i needed to put in place form-based login and page access control, and looking around there are only bits and pieces of suggestions and code to show how this is done. So I have tried to put them together into a working demo, and extended altdemo.py, in qx2, to show how this can be done in a clean idiom, using AccessControlled and _q_access and NotLoggedInError. All comments welcome. I do not know if you want to replace the altdemo.py with this... if you do not, maybe we should stick it on the wiki or so... Related question: What is a good way to ensure that a qx session is expired if the user quits the browser? Is there a way to make the qx session cookie not written out to disk? Cheers, mario