Either this feature doesn't actually exist, or it's right under my nose and I'm missing something obvious. Either way, I'll be happy to contribute to either the documentation or code when I find the answer.
I see the Authlogic::Session::Session class and have read the code, and I see Session is included in Base after Cookies, and I've googled to high heaven, but I can't for the life of me figure out how to get authlogic to use the Rails session only, instead of its own credentials cookie (if that is in fact possible and the intended usage).
If I log into my app and then delete the user_credentials cookie, I still stay logged in. So apperantly authlogic is storing the credentials in both places and checking both places. I would like it to never set or reference the user_credentials cookie -- is this possible?
The remember_me cookie is already set to false by default.