From 3fe4bb198e9a1cfdbbb7599a36526323118bfce6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez?= <jaime.perez@uninett.no>
Date: Tue, 27 Sep 2016 10:41:52 +0200
Subject: [PATCH] Log a warning when we notice a probable misconfiguration of
 PHP sessions.

This is related to #478.
---
 lib/SimpleSAML/SessionHandlerPHP.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 8947296c3..7964af748 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -51,6 +51,14 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler
         }
 
         if ($previous_session) {
+            if (session_name() === $this->cookie_name || $this->cookie_name === null) {
+                SimpleSAML\Logger::warning(
+                    'There is already a PHP session with the same name as SimpleSAMLphp\'s session, or the '.
+                    "'session.phpsession.cookiename' configuration option is not set. Make sure to set ".
+                    "SimpleSAMLphp's cookie name with a value not used by any other applications."
+                );
+            }
+
             /*
              * We shouldn't have a session at this point, so it might be an application session. Save the details to
              * retrieve it later and commit.
-- 
GitLab