[Zope-dev] REQUEST.AUTHENTICATED_USER question

Jens Vagelpohl jens@zope.com
Wed, 23 Jan 2002 15:56:15 -0500


well, the API calls that you are attempting to use aren't really "for 
public consumption". they are calls made inside the gory insides of the 
zope security machinery and user code shouldn't really use them.

i suggest you use a cookie-enabled user folder and manipulate the cookie 
from your code when you want to "switch" the user. the user should be 
"switched" the next time a page is requested.

jens


On Wednesday, January 23, 2002, at 04:28 , vio wrote:

> * Jens Vagelpohl <jens@zope.com> [020123 15:53]:
>> i don't quite understand the problem. there are literally dozens of user
>> folder products that let you customize the login process in all kinds of
>> ways.
>
> Perhaps. The problem is that I can't seem to make them play nice with my 
> own
> code (the few I had a look at). Surely, because I don't understand them.
>
> Also, as mentionned in a previous message in this thread, all I am looking
> for is for the few Zope incantations to 'switch' user identities,
> and I can take care of the rest. Now I found how to make this switch, 
> using
> AccessControl.SecurityManagement.newSecurityManager(None, myUser)
> only this switch doesn't 'persist'.
> What is my problem then: at this point, to change the data in the cookie 
> Zope
> lays on the browser, so it points to the new 'switched' user. In other 
> words,
> make a 'persistent' switch.
>
> Furthermore, I don't really need an entire product to do this. Just a few 
> well
> placed calls to Zope machinery seems to do the trick.
> Less overhead as a bonus.
>
> Cheers,
> Vio