Re: [Zope] AUTHENTICATED_USER
Hmmm, I just stumbled upon some deprecation warnings in a google for authenticated_user and that security getUser...equivalent should be used instead. Something like this - http://www.mail-archive.com/zope@zope.org/msg21432.html Quoting Tres Seaver : > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 05/13/2011 03:36 PM, Richard Harley wrote: > > Please could someone tell me why AUTHENTICATED_USER was deprecated in > > > favour of the python security module? A quick google says "because it > > > can be replaced"..but this isn't really a good in depth explanation? > If > > a request was manipulated to include another AUTHENTICATED_USER, > > wouldn't Zope just error out anyway? > > What makes you say that AUTHENTICATED_USER is deprecated? ZPublisher > sets and uses the variable in the environment without any deprecations. > > > Tres. > - -- > === > Tres Seaver +1 540-429-0999 tsea...@palladion.com > Palladion Software "Excellence by Design"http://palladion.com > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk3NjKUACgkQ+gerLs4ltQ5RiQCfVWCiOZ7mmfkaZIYLv9JFQsF/ > XtEAoJcqmxc9+4YBvzxTP23Sjq8fVhlN > =MhRQ > -END PGP SIGNATURE- > > ___ > Zope maillist - Zope@zope.org > https://mail.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > https://mail.zope.org/mailman/listinfo/zope-announce > https://mail.zope.org/mailman/listinfo/zope-dev ) > ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] AUTHENTICATED_USER
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/13/2011 03:36 PM, Richard Harley wrote: > Please could someone tell me why AUTHENTICATED_USER was deprecated in > favour of the python security module? A quick google says "because it > can be replaced"..but this isn't really a good in depth explanation? If > a request was manipulated to include another AUTHENTICATED_USER, > wouldn't Zope just error out anyway? What makes you say that AUTHENTICATED_USER is deprecated? ZPublisher sets and uses the variable in the environment without any deprecations. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3NjKUACgkQ+gerLs4ltQ5RiQCfVWCiOZ7mmfkaZIYLv9JFQsF/ XtEAoJcqmxc9+4YBvzxTP23Sjq8fVhlN =MhRQ -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] AUTHENTICATED_USER
Please could someone tell me why AUTHENTICATED_USER was deprecated in favour of the python security module? A quick google says "because it can be replaced"..but this isn't really a good in depth explanation? If a request was manipulated to include another AUTHENTICATED_USER, wouldn't Zope just error out anyway? Cheers ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )