Hi there! First of all, according to the CGI 1.1 specification, the environment variable, REMOTE_USER, should contain the user name whenever it is sent by the client. (That is, whenever an already authenticated user accesses a URL that is part of the protected realm.) As for the password, the CGI does not provide this information because: one it doesn't know, nor could it; and two, it would be a bad idea anyway! In answer to your question then, you should be able to pluck the user name straight out of the ENV hash using $ENV{'REMOTE_USER'}. Good Luck! ------ From: Gauden Galea, 11/10/96 2:28 PM ------ I'd like to be able to read the authenticated username and password from a secure realm in Webstar when it calls a Macperl cgi application. Is there any way to do this? I'm looking in the ENV hash and also %in (from cgi-lib) to no avail. Webstar's documentation says it does send them to cgi's, but I can't see where they are. Thanks for any help Gauden Galea