Sorry, I didn't explain well enough.
The clean_session() function is something I wrote to reset all session
variables in the case the user is a different person logging in from the
same machine. So it contains lines like:
session.var1 = None
session.dict1 = {}
etc.
The nutshell is an expression of brevity so the following couple of
sentences explaining what the code does is what I meant.
What you could do is try this out without Janrain to see how it works. I had
the problem were several users share the same Windows workstation and the IT
department set the workstation up with a common user id for all users. So if
a more privileged user logged out and a less privileged one logged in the
session file was reused and as far as teh web2py app was concerned it was
still the same user. Browser cookies are used to establish the session id so
if you stay on the client PC as the same user the same cookie is used the
next time anyone logs in form that workstation. That is the way it works
with web browsers.
If you can login on the client workstation with different ids then that
would help.
I offered the above concept to show you how I got around this with multiple
users sharing the same login on the workstation. However I do not use
Janrain so there are very likely other issues in there.
Ron
