REMOTE_USER: If the server supports user authentication, and the script is protected, this is the username by which the user is authenticated. What this is saying is that some level of authentication must had happened on the scrip. You have to have at least authenticate with clear text and have your ASP code protected using the NTFS security.I would like to know what having the ASP code protected using the NTFS security means.