Hi, I used successfully newSecurityManager in a Product to change dynamically the user during a transaction (running some methods as owner). I tried to use this to change dynamically the user in a special folder hierarchy based on a request parameter. For doing this in this folder, I made standard user folder, a Python script as access rule that calls an external method like this... Python script (setUser1)... ==== container.setUser2(container) return ==== External method setUser2... ==== from AccessControl.SecurityManagement import newSecurityManager requestKey = 'an_userid' def setUser2(container): anUserId = container.REQUEST.get(requestKey, None) userFolder = container.acl_users if anUserId: userObj = userFolder.getUser(anUserId).__of__(userFolder) if userObj: newSecurityManager(container.REQUEST, userObj) return ==== The newSecurityManager is executed but seems to have no effect on the user during the rest of the transaction : <dtml-var AUTHENTICATED_USER> always shows "Anonymous User" in a template for which the above access rule is executed, and the REQUEST has a valid "an_userid" key. Did I miss something somewhere ? Why such a construct works in a Product and not in an external method ? Many thanks in advance. --Gilles