I should preface this question with a little background. I come from a Lotus Domino world where all users are authenticated (not the web interface which allows anonymous but the client interface). I need to do something similar in a Zope environment, that is to say that I want to be sure that all users have authenticated themselves and that the scripts can find out who they are, but I do not want to make them Managers or Owners. I suppose that the answer to this is to create a new role (say "User") and make sure that all the users are enroled in that role and then only allow users with that role to view the objects that I wish to control in this manner. I am relatively new to Zope, and have read the manual, but I am none the wiser either as to whether this is the right approach, or as to how I go about adding such a new role and then how I add such a security filter so that only users with this role can access the objects, there only seems to be controls for Anonymous, Manager and Owner.