I've followed the instructions on setting up Apache Authentication (have to authenticate against an Active Directory server) here http://wiki.galaxyproject.org/Admin/Config/Apache%20Proxy and it doesn't work for external display sites unfortunately. The section on display sites suggests the following: <Location "/root/display_as"> Satisfy Any Order deny,allow Deny from all Allow from hgw1.cse.ucsc.edu Allow from hgw2.cse.ucsc.edu Allow from hgw3.cse.ucsc.edu Allow from hgw4.cse.ucsc.edu Allow from hgw5.cse.ucsc.edu Allow from hgw6.cse.ucsc.edu Allow from hgw7.cse.ucsc.edu Allow from hgw8.cse.ucsc.edu </Location> but that doesn't stop Apache requiring authentication. Only putting the Allow from hgw1.csc.ucsc.edu lines in the Location "/" directive gets past that but then I hit another issue which didn't previously exist where I get an error "redirected to non-http(s): /static/user_disabled.html" which is new since I have had it work with this current install. It is possible that CentOS has pushed an update onto my server that has changed some subtle behaviour I guess but it is eluding me entirely and Google isn't doing me much good (Samsung, why did you have to exist?!) For the moment I've disabled the UCSC sites but that isn't a long term solution and I'm stuck because I have to use Apache and AD authentication so I would appreciate hearing from anyone who has figured out how to get this to work. Shane -- For urgent cases, contact support@biomatters.com Dr Shane Sturrock shane.sturrock@biomatters.com Senior Scientist Tel: +64 (0) 9 379 5064 76 Anzac Ave Auckland New Zealand