It would be nice if the login form wouldn't pop-up as often as it does.
The current behavior is to redirect the user to the login form whenever he tries to perform an action that requires authentication (view a restricted page, for example). However, for some sites it would be better not to reveal the fact that there's an edit feature right behind the scenes.
So, what I propose is to have an option, 'authentication.offer_login', which defaults to true, and setting it to false will cause restricted actions to display a notice instead of the login screen. The only way to access the login screen is to use the /login/ action.
The type of the notice message should also be configurable, choosing from 'not allowed', 'does not exist', 'restricted' or 'custom' (the skin must contain an empty template where the message should be placed).