Interaction between redirect_to and session variable

I have used restful_authentication to implement a login system and it
works fine except that every couple of weeks I can’t login when I use
IE; it works fine when I use other browsers! The problem goes away after
a few hours! It seems to me somehow sometimes after logging in, the
session variable is not set!

I have the following code for create action in my sessions_controller.rb

  def create
    logout_keeping_session!
    user = User.authenticate(params[:login], params[:password])

    if user
      self.current_user = user
      new_cookie_flag = (params[:remember_me] == "1")
      handle_remember_cookie! new_cookie_flag

      redirect_to '/sessions/home'
    else
      note_failed_signin
      @login = params[:login]
      @remember_me = params[:remember_me]

      redirect_to "/sessions/login"
    end
end

Can redirect_to '/sessions/home' cause the problem with the session
variable and erase its value?

I have used restful_authentication to implement a login system and it
works fine except that every couple of weeks I can’t login when I use
IE; it works fine when I use other browsers! The problem goes away after
a few hours! It seems to me somehow sometimes after logging in, the
session variable is not set!

apparently IE has quirks when setting a cookie at the same time as
redirecting. Some say that setting a P3P header help (see comments on
http://jhottengineering.blogspot.com/2009/02/ie-post-and-redirect-errors.html
for example)

Fred

Thank you, Fred! I looked at the page that you mentioned and some
related pages. I have implemented several possible solutions and will
try them next time the bug is activated and will post the result here
for others who may face this problem in future.

Frederick Cheung wrote in post #972206: