How would I go, If I wanted ACL processing to start with %{auth_user} instead of %{user} when determining rights? -- peter