Having Trouble with Security Assist

I am assuming I am missing something obvious. I have used the DW Login/Authentication behaviors for years, with no problems but I wanted the extra features of the WA versions. I am using PHP/MySQL

First off, it's looking for the values from my users table (called 'users') : User ID, User Name and Password. So I initially set them as:

User ID -> users.Email
User Name -> users.FirstName
Password -> users.Password

But the logon.php page was prompting for User Name which confused me, so I made both User ID and User Name map to users.Email

So when I log on it seems to work. I see "login.php?loggedIn=1" in my address bar.

Then I created a new page (logtest.php) and selected Server Behaviors -> Web Assist -> Security Assist -> Secure Page and when it asks for a rule I select "Logged in to users" and redirect to login.php on failure.

The problem is it aways fails, I always get redirected to logon.php

Here is my logtest.php page:

<?php require_once( "webassist/security_assist/helper_php.php" ); ?>
<?php
if (!WA_Auth_RulePasses("Logged in to users")){
WA_Auth_RestrictAccess("login.php");
}

@session_start();
?>

<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>testing</title>
</head>

<body>
<p> You are logged in </p>
</body>
</html>

Checking my server variables I see I have:

SecurityAssist_ID xx@yyyy.com
FirstName Fred
Admin 9

The last two are values from my users table.

I am at a total loss. I've been working on this for hours, trying all sorts of combinations. i'm sure I'm just missing something simple.

Thanks in advance for any help.