On Wed, 2002-05-29 at 16:08, John Harris wrote: > After reading the turbine-2 spec I wanted to verify my understanding regarding user >authentication and sessions. > > As I understand it a session is created whether the user is authenticated or not, >before the homepage/loginpage is presented. Does this mean if you never have the user >authenticate (classes only extend VelocityScreen), then the session is still >available and session pull tools will be available to this session? > > Is the SessionValidator executed only after a login attempt?
It is executed on every request. john mcnally -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
