I have included, at the beginning of every page in my webapp, is code that reads a cookie to see if the user needs to login again. If the cookie is outdated, a login window is (javascript)popped-up. When the user correctly enters a password, it tells it&#039s opener window to refresh, thus reading the newly updated cookie and letting the user thru.<BR><BR>This worked just fine on my development server (which I have control over) but not on my production server (which I don&#039t).<BR><BR>On my development server, my app was stored close to the same subdirectory as my login page. like /dir1/app/app.asp and /dir1/shared/login.asp. As soon as I moved it to my production server the main page could not see the cookie that my login page was creating. I did have the pages in different areas, like: /dir1/app/app.asp and /secure/shared/login.asp. <BR><BR>here&#039s what I&#039ve tried so far:<BR>I am NOT using the path statement for this cookie. <BR>I have tried using and not using an expiration date (in both the form "Month, day, year" and date+365.<BR>I am not using session variables.<BR>Both webservers are IIS4.0<BR><BR>thanks for any help<BR>Reed mailto:r_e_e_d@yahoo.com<BR>