My home page has some personalized content that I show when a known user visits without requiring them to log in on each visit. But right now when I visit the home page with an expired authid cookie (or no authid at all, but with a valid rememberid cookie), I get the anonymous view. Then I click on my "My Account" link and the system generates a new authid for me based on my rememberid cookie. If I then go back to the home page I see the personalized version.

Am I correct in concluding that the "remember me" feature only creates a new authentication session when the user attempts to visit an authenticated element, but doesn't have any effect on identified elements? Is that intended behavior or a bug? If it's intended, is there a configuration option to get auto session creation on identified elements too?

Barring such an option, is there a better approach than maintaining my own "user ID" cookie that's not used by RIFE's authentication code? That seems like the obvious solution to me at this point but maybe there's a better way.

-Steve
_______________________________________________
Rife-users mailing list
[email protected]
http://lists.uwyn.com/mailman/listinfo/rife-users

Reply via email to