On the Security Assist support page there is a Solution Recipe for this topic, it is called 'User Level Authentication'. It can be found in the Solution Recipes:
securityassist/
It you are just looking to use logged in versus logged out you can make use of the default rules that are created by Security Assist. You can just use the show region server behavior to show one message versus another based on weather the user passes the logged in rule.