On Mar 1, 2005, at 8:57 AM, Mario Ruggier wrote: > Just thought of this point... what if you want both behaviours, i.e. > > a) the first being that when a restricted resource is requested > without being logged in then a login page is shown and on eventual > successful login the resource is returned, and > > b) an explicit login link or button, requiring an explicit login url No problem. Just protect the "congratulations, you are authenticated" page (at url, say "/login") with "ensure_signed_in()".