I fully acknowledge I may be trying to achieve things in a very cack-handed style here(!) - so am open to suggestions on a better way of doing things.
Currently, I have:
An authentication controller - basically just a view, with user/password prompts, and a submit
A VCS controller - a couple of list boxes, used to list contents on our VCS system, and what's held locally etc, and to synchronise from one to the other. This requires the credentials from the auth controller
A TMS controller - (yet to be added! - but it will be similar to the VCS controller in a way - connects to an in-house test management system, again using the same credentials as supplied by the auth controller, letting the user "do stuff" connecting what is held locally, to the TMS.
The intention is that the user will be able to switch back and forth between the VCS controller, and the TMS controller as they wish... without continually needing to resubmit login credentials all the time.
Can anyone advise how to structure things to make the supplied user/password available to the VCS and tm controllers? I guess one option is to store the text of the user/password as cookies, and let the VCS and TMS controllers but this is not exactly secure!
If it helps, the login view for my auth controller looks like this (not rocket science this one!)