[2.0] Session got lost after redirect

[3wv]

I run into a situation that I was able to successfully login, but the redirect after the successfull login somehow killed the session.

I had to avoid the redirect and just go manually to the protected pages - then the sessions worked. I figured out that I had to change the Session config in /Config/core.php and use "use_trans_sid" set to true.

Configure::write('Session', array(
    //...,
    'ini' => array('session.use_trans_sid' => true)
));

Did I miss something or is my new session config dangerous?

[burzum]

You should better not use it http://www.mtdev.com/2002/06/why-you-should-disable-phps-session-use_trans_sid

However, can you please provide a little more info about the redirect? Did you modify any code related to the login? Whats you Auth setup? Did you override the _setupAuth() method from the users controller?

[3wv]

In the meantime, I have change a lot of things back and forth and it works without setting session.use_trans_sid to true (which wouln't have been a valid option for an app in production).
Unfortenately, I cannot track the real reason for the problem.