[Zope] RDBMS Applications and direct calling of script(python)and sql methods

Dylan Reinhardt zope at dylanreinhardt.com
Thu Oct 9 21:39:30 EDT 2003


On Thu, 2003-10-09 at 15:54, Erik Myllymaki wrote:
> > ----
> > from AccessControl import getSecurityManager
> > return getSecurityManager().getUser().getUserName()
> > ----
> Any reason why you shouldn't just use  <dtml-var AUTHENTICATED_USER>
> as a parameter to your SQL query?

AUTHENTICATED_USER is deprecated because the SecurityManager object is a
far more secure source of authentication information.

Anyway, once you've set it up, get_user() is way less typing than
REQUEST.get('AUTHENTICATED_USER').  :-)

HTH,

Dylan




More information about the Zope mailing list