make authentication agents pass a session_id parameter
The session_id has got to be empty for now. The thinking is that in the future we might want to register an authentication agent that runs in secure desktop, e.g. a separate session from the user session.
Showing with 76 additions and 13 deletions