SaltedHashLoginGenerator - strange behaviour?

I have integrated this generator into my code but I am having problems
understanding how it works. Specifically, I am observing what I think
is strange, unexpected behaviour. For example,

1) I enter my chosen application URL expecting to be forced to log in
2) I get routed to the login page as expected

In response to (1) my logger.info statements indicate that the
user_system.login_required method is called (expected) and that this
method calls user_system.protect? (expected)which returns true (I have
not overridden the default code). The user is then re-directed to the
login action (expected) and the log file claims that the filter chain
is broken as login required returns false (expected, I think).

The log files then indicate that "login_required" is again called in
response to the re-direct (2) but this time the user_system.protect?
method is not called. I am trying to understand why this is the case as
I would expect it to be called as there appears to be no significant
difference to the first request.

Can anyone help or point me in the direction of a good source of
information?