Re: Securing components from non logged in users
hmmm. I’ve gotta take off for awhile here but you might want to investigate something like this to replace the bp_core_redirect() call: http://www.internetofficer.com/seo/html-redirect/
(from link above)
The HTML redirect allows to introduce a delay before the redirection is performed. It is sometimes called META refresh redirect.
That would mean writing your own redirect() fn. Maybe the normal wp redirects have a delay option?