My home page has some personalized content that I show when a known user
visits without requiring them to log in on each visit. But right now
when I visit the home page with an expired authid cookie (or no authid
at all, but with a valid rememberid cookie), I get the anonymous view.
Then I click on my "My Account" link and the system generates a new
authid for me based on my rememberid cookie. If I then go back to the
home page I see the personalized version.
Am I correct in concluding that the "remember me" feature only creates a
new authentication session when the user attempts to visit an
authenticated element, but doesn't have any effect on identified
elements? Is that intended behavior or a bug? If it's intended, is there
a configuration option to get auto session creation on identified
elements too?
Barring such an option, is there a better approach than maintaining my
own "user ID" cookie that's not used by RIFE's authentication code? That
seems like the obvious solution to me at this point but maybe there's a
better way.
-Steve
_______________________________________________
Rife-users mailing list
[email protected]
http://lists.uwyn.com/mailman/listinfo/rife-users
