Steve,
>Shouldn't the page check to see if the user is already authenticated before redirecting?
Actually, it does. If you look at the code in mmBusinessWebPage.OnLoad(), you'll see it also checks if this.SecurityUserPK == null. Behind the scenes, the SecurityUserPK property simply checks the session variable "mmUserSecurity_UserPk" to see if it's been set. If it hasn't the user gets redirected.
Regards,
Kevin McNeish
Eight-Time .NET MVP
VFP and iOS Author, Speaker & Trainer
Oak Leaf Enterprises, Inc.
Chief Architect, MM Framework
http://www.oakleafsd.com