Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v
diff -u -N -r1.71 -r1.72
--- openacs-4/packages/acs-tcl/tcl/security-procs.tcl	18 Apr 2011 21:25:34 -0000	1.71
+++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl	19 Apr 2011 00:08:01 -0000	1.72
@@ -98,11 +98,17 @@
 	# The session cookie already exists and is valid.
 	set cookie_data [split [lindex $cookie_list 0] {,}]
 	set session_last_renew_time [lindex $cookie_data 3]
-    if {[string is integer -strict $session_last_renew_time]} {
-        set session_expr \
-            [expr {$session_last_renew_time + [sec_session_timeout]}]
+    if {![string is integer -strict $session_last_renew_time]} {
+        # This only happens if the session cookie is old style
+        # previous to openacs 5.7 and does not have session review time
+        # embedded.
+        # Assume cookie expired and force login handler
+        set session_last_renew_time 0
     }
-    if {![info exists session_expr] || $session_expr < [ns_time]} {
+    
+    set session_expr [expr {$session_last_renew_time + [sec_session_timeout]}]
+    
+    if {$session_expr < [ns_time]} {
         sec_login_handler
     }
                
@@ -507,6 +513,7 @@
 	    set login_list [sec_login_read_cookie]
       	if {[lindex $login_list end] == 1} {
 	        set discard f
+            set max_age inf
 	    }
     }
     ad_set_signed_cookie -discard $discard -replace t -max_age $max_age -domain $domain \