[Zope] getSecurityManager() vs. AUTHENTICATED_USER

Fri Jul 8 13:59:47 EDT 2005

Peter Bengtsson wrote at 2005-7-8 13:24 +0100:
>I've learnt that it's better to use getSecurityManager instead of
>REQUEST.AUTHENTICATED_USER
>because it's more secure. Other than that, what is the difference.

The security manager could be changed (e.g. with "newSecurityManager").
"getSecurityManager" would report the change but not "AUTHENTICATED_USER".

-- 
Dieter