Hey Jordan and Andy, Attached are the modules of my app that handle XMLRPC and web basic auth over SSL. Note that there's no nevow here, but the same auth facility is used for both a simple static web interface and the XMLRPC service. You can see some vestigial (and inactive) PB stubs, which await time and my grokking Brian's new PB stuff. (Anyway I hadn't yet extended pgercred to support PB ... an exercise for the reader ... and if any readers want to hack on that, I'd love to see it ... that would make things much more interesting! :) Jp's advice, which has since faded into the dark backward and abysm of my head, had to do with some refactoring of pgercred ... hey jp, maybe you could remind me, if you have a chance to peek at it again! The pgertap, pgerxmlrpc, and pgercred modules are server-side and xmlrpcinterface is a client module. They are not runnable without some more stuff from the app (see below), and I haven't taken the time to create a self-contained runnable example along these lines, but I think it wouldn't be too hard, and IMO a nice addition to twisted's examples. Acknowledgement: the code that does the work in pgercred is based on an example that Moshe did a while back (I don't remember exactly what I copied, but I think the main thing was most or all of the BasicAuthResource class). The "engine" that gets passed to pgerxmlrpc is the guy that handles the application logic (he sits above an adbapi layer and other assorted back-end stuff). I didn't include that module because it's not relevant to this thread, but if anyone is curious, I put a tarball of the app at: http://ned.gsfc.nasa.gov/PanGalactic.tar.gz Caveats: it contains some horriblenesses, not much doc, and I haven't released it "publicly" yet. We used to have anonymous access set up for CVS on ned (remember, radix? ;), but NASA/GSFC has tightened up its firewalls considerably since then ... rats! :( Critiques or razberries welcomed, as long as they're constructive razberries! :) Cheers, Steve