Temporarily running as another user in a query

Hi,
Using tech preview 2.0, I have a query that returns the groups that
a user is a member of.
It does:
xmldb:get-user-groups($user)
so that the calling XForms app can customize its UI.
However, the app users' privileges are not enough to call
get-user-groups, so I call
xmldb:login('.', 'admin', *password*, false())

What's strange is, if I call the query via the REST API and
authenticate by Basic Auth, if I refresh the browser and the query
gets called again, it returns the groups of the admin user - even
though I specified false() for session creation.

Any idea why? And is there a way to assume another identity only for
the duration of a query, without doing a session:set-current-user
back to the original user before the query finishes?
Paul

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/