Hi Thomas, Am 03.12.2013 18:04, schrieb Thomas Eckert: > Now suppose the following > > [...] > 32 user fills in and submits form > 32 custom auth provider receives the user credentials > 33 custom auth provider looks up it's own session in it's module > internal session cache > 34 custom auth provider realizes the provider internal session expired
I think what is missing here is something between 32 and 33 that re-validates the custom auth provider's internal session, whenever valid user credentials where received from a filled form. Or why is it in 34 that the provider's internal session is expired? Regards, Micha
