8 Jul
2005
8 Jul
'05
10:20 p.m.
On 7/8/05, Dieter Maurer <dieter@handshake.de> wrote:
Peter Bengtsson wrote at 2005-7-8 13:24 +0100:
I've learnt that it's better to use getSecurityManager instead of REQUEST.AUTHENTICATED_USER because it's more secure. Other than that, what is the difference.
The security manager could be changed (e.g. with "newSecurityManager"). "getSecurityManager" would report the change but not "AUTHENTICATED_USER".
"newSecurityManager" ?? never heard of that. The __doc__ says """ Set up a new security context for a request for a user """ What is this used for? I'm guessing it's something we use in unittests and stuff. -- Peter Bengtsson, work www.fry-it.com home www.peterbe.com hobby www.issuetrackerproduct.com