Hi ALL,

I have been doing an authentication package with signup and login/logout features using PAU. When I referred to Philipp's book and the worldcookery example, I found the following code in the signup logic.

class SignUpView(BaseSignUpView):

    signUpForm = ViewPageTemplateFile('signup.pt')

    def signUp(self, login, title, password, confirmation):
        if confirmation != password:
            raise UserError(_(u"Password and confirmation didn't match"))
        folder = self._signupfolder()
        if login in folder:
            raise UserError(_(u"This login has already been chosen."))
        principal_id = folder.signUp(login, password, title)

        role_manager = IPrincipalRoleManager(self.context)
      
        role_manager = removeSecurityProxy(role_manager)  # <- what does it really do, and how does it make
                                                          #    the newly created user authenticated automatically?
       
        for role in folder.signup_roles:
            role_manager.assignRoleToPrincipal(role, principal_id)
        self.request.response.redirect("@@welcome.html")

The above logic works well for me too. But if I comment out the line 'role_manager = removeSecurityProxy(role_manager)', user creation and role assignment still work, but I am asked to log in again right after the signup, and the redirect does not work.

And another approach I have seen is in

http://kelpi.com/script/e2019a
http://kelpi.com/script/f49219
 
So I tried to set the principal as

principal = pau.getPrincipal(principal_id)
self.request.setPrincipal(principal)

and commented out the removeSecurityProxy line.
But it also gives the same result.

So is there any other way than using removeSecurityProxy(role_manager)? I would also like to know how risky it can be to use removeSecurityProxy in code with public (zope.public) permission. I know this is a very trivial issue and everyone has gone through this once.

Thanks in advance.