Unless you've got a complex setup (as described in the AuthAuthoritative documentation) with multiple authenticating modules, then the default behaviour should be that once authenticated, a visitor should be able to browse at will throughout the entire Auth domain.

So, if that is the case (you've got a simple auth environment), then you might want to check for a few common problems, such as the auth domain not including the whole directory structure (because the auth is done at the wrong directory level (e.g. in a sibling directory to the navigation target, rather than its parent) and problems such as authenticating in example.com, and then trying to navigate to or within www.example.com -- an entirely different authentication domain.

Jim

The www vs. non-www problem is seen on a number of sites.

That was it. PHP script coder was using it in his work. I removed from a page and it was cleared. I have asked him to remove any others.

Many thanks to both of you.

Kirk

You should have a site-wide 301 redirect installed, from non-www to www, to stop this sort of thing from ever occurring.

It is just a couple of lines in the .htaccess file.