[Zope] Checking Authenticated User Name???
Peter Bengtsson
mail@peterbe.com
Thu, 11 Apr 2002 18:02:40 +0200
On Thursday 11 April 2002 01:01, Jason Burke wrote:
>
> I did notice a reference to something like this...
>
> REQUEST.AUTHENTICATED_USER.getUserName()
>
> but, this doesn't seem like it would be any more secure than
> just assigning REQUEST.AUTHENTICATED_USER to a
> variable.
Suppose someone does assign REQUEST.AUTHENTICATED_USER like 'foo' then the
classmethod getUserName() will not work. Use that.