On 7/8/05, Dieter Maurer <[EMAIL PROTECTED]> wrote: > Peter Bengtsson wrote at 2005-7-8 13:24 +0100: > >I've learnt that it's better to use getSecurityManager instead of > >REQUEST.AUTHENTICATED_USER > >because it's more secure. Other than that, what is the difference. > > The security manager could be changed (e.g. with "newSecurityManager"). > "getSecurityManager" would report the change but not "AUTHENTICATED_USER". >
"newSecurityManager" ?? never heard of that. The __doc__ says """ Set up a new security context for a request for a user """ What is this used for? I'm guessing it's something we use in unittests and stuff. -- Peter Bengtsson, work www.fry-it.com home www.peterbe.com hobby www.issuetrackerproduct.com _______________________________________________ Zope maillist - [email protected] http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
