users@javaee-security-spec.java.net

[javaee-security-spec users] [jsr375-experts] Re: [servlet-spec users] Re: request#authenticate - start new vs continue

From: Greg Wilkins <gregw_at_webtide.com>
Date: Mon, 25 Apr 2016 08:55:59 +1000

Arjan,

So the use-case you are concerned about is that if a user directly
navigates to the login form, either via a bookmark or a link from an
unprotected page in the application, then calling authenticate()
might see some state (most specifically the original destination) from
a previous invocation.

Well I can see that could be a problem, but I'm not sure that it is
only related to the authenticate() method. Pure FORM authentication
suffers from the same issue without the use of a call to authenticate.

Maybe the solution is to describe what the behaviour should be when the
login form sees a referrer field that differs from any saved
destination. If we said that if the referrer field is present, then
it should replace any saved destination, would that fix your issue?

regards

-- 
Greg Wilkins <gregw@webtide.com> CTO http://webtide.com
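An added illustration of the mechanism discussed in this message, not code from the thread, from the servlet spec or from any container: a hypothetical filter that saves the requested destination when an unauthenticated request hits a protected resource, lets a Referer on a direct navigation to the login form replace a stale saved destination as proposed above, and then redirects to the saved destination once request.login() succeeds. Two checks a practitioner would want are included: the Referer is only honoured when it is same-origin and inside this context (a Referer is client-supplied, so using it unchecked as a redirect target is an open redirect), and the override is skipped when the form GET is the filter's own redirect, because browsers carry the original page's Referer across a 302 and it would otherwise clobber the destination that was just saved. The session attribute names, the /login and /login/submit paths, and the /secure/ prefix are assumptions.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/** Hypothetical filter; attribute names, paths and the /secure/ prefix are assumptions. */
public class SavedDestinationFilter implements Filter {
    static final String SAVED = "example.savedDestination";   // assumed session attribute
    static final String VIA_REDIRECT = "example.viaRedirect"; // assumed one-shot marker
    static final String LOGIN_PAGE = "/login";                // assumed form page
    static final String LOGIN_ACTION = "/login/submit";       // assumed form action
    static final String DEFAULT_DEST = "/";                   // assumed landing page

    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String ctx = request.getContextPath();
        String path = request.getRequestURI().substring(ctx.length());

        if (LOGIN_PAGE.equals(path) && "GET".equals(request.getMethod())) {
            HttpSession session = request.getSession(true);
            boolean viaRedirect = session.getAttribute(VIA_REDIRECT) != null;
            session.removeAttribute(VIA_REDIRECT);
            // Direct navigation to the form (bookmark, link from an unprotected page): a same-origin
            // Referer that differs from the saved destination replaces it, so state left behind by an
            // earlier, abandoned protected request is not reused. Skipped when this GET is our own
            // redirect, because the browser keeps the original page's Referer across the 302.
            String referer = sameOriginPath(request, request.getHeader("Referer"));
            if (!viaRedirect && referer != null && !referer.equals(session.getAttribute(SAVED))) {
                session.setAttribute(SAVED, referer);
            }
            chain.doFilter(request, response);
            return;
        }

        if (LOGIN_ACTION.equals(path) && "POST".equals(request.getMethod())) {
            try {
                request.login(request.getParameter("username"), request.getParameter("password"));
            } catch (ServletException e) {
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            }
            HttpSession session = request.getSession(true);
            request.changeSessionId();                 // rotate the id after login (session fixation)
            String target = (String) session.getAttribute(SAVED);
            session.removeAttribute(SAVED);            // the saved destination is used once
            response.sendRedirect(response.encodeRedirectURL(ctx + (target != null ? target : DEFAULT_DEST)));
            return;
        }

        if (request.getUserPrincipal() == null && path.startsWith("/secure/")) {
            // Unauthenticated request for a protected resource: remember it, then go to the form.
            String qs = request.getQueryString();
            HttpSession session = request.getSession(true);
            session.setAttribute(SAVED, qs == null ? path : path + "?" + qs);  // context-relative only
            session.setAttribute(VIA_REDIRECT, Boolean.TRUE);
            response.sendRedirect(response.encodeRedirectURL(ctx + LOGIN_PAGE));
            return;
        }
        chain.doFilter(request, response);
    }

    /** Returns the context-relative path (+query) of a same-origin Referer inside this app, else null. */
    static String sameOriginPath(HttpServletRequest request, String referer) {
        if (referer == null) return null;
        URI uri;
        try { uri = new URI(referer); } catch (URISyntaxException e) { return null; }
        if (uri.getScheme() == null || uri.getHost() == null) return null;
        int port = uri.getPort() != -1 ? uri.getPort() : ("https".equalsIgnoreCase(uri.getScheme()) ? 443 : 80);
        if (!uri.getScheme().equalsIgnoreCase(request.getScheme())
                || !uri.getHost().equalsIgnoreCase(request.getServerName())
                || port != request.getServerPort()) {
            return null;                               // cross-origin Referer: never redirect there
        }
        String ctx = request.getContextPath();
        String p = uri.getRawPath() == null ? "" : uri.getRawPath();
        if (!p.equals(ctx) && !p.startsWith(ctx + "/")) return null;
        p = p.substring(ctx.length());
        if (p.isEmpty()) p = "/";
        if (LOGIN_PAGE.equals(p) || LOGIN_ACTION.equals(p)) return null;  // never bounce back to the form
        return uri.getRawQuery() == null ? p : p + "?" + uri.getRawQuery();
    }
}
```

With this in place, the scenario from the message plays out as follows: a user who was sent to /login from /secure/report and then walked away leaves "/secure/report" in the session; if they later click a Login link on an unprotected /about page, the form GET arrives with a same-origin Referer of /about, no redirect marker is present, so the saved destination becomes "/about" and that is where a successful login lands. The same filter also keeps the normal FORM flow intact, because the redirect marker suppresses the override on the GET that the filter itself triggered.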