Kris McQueen
|
a8112f65de
|
When using session based authentication, we now store the parameters in the session as part of the login processing, instead of returning those parameters so that the caller has to update the session. Authentication now throws an exception on failure and the caught exception is where the session is invalidated.
|
2010-09-13 17:04:11 -07:00 |