Comment 29 for bug 1394370

Donald Stufft (dstufft) wrote : Re: horizon login page is vulnerable to DOS attack

I haven't read the entire ticket, however if this is your login view: https://github.com/openstack/horizon/blob/master/openstack_dashboard/views.py#L38-L48 then that's your problem right there. The request.session.clear() deletes the session and sets modified=True so it will create a new session.

I would recommend just flat out deleting that session manipulation code there. The Django login code already will ensure that session keys are rotated on authentication boundaries without creating a new session on every page load so the clearing of the session doesn't really do much of anything there. Setting the test cookie I don't think will hurt anything but I don't think you need it either TBH.
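To make the mechanism in the comment above concrete, here is an added example (not code from Horizon or Django) that models the relevant part of Django's session lifecycle: SessionBase.clear() marks the session modified, SessionMiddleware saves a modified session and mints a key if the request carried none, and django.contrib.auth.login() rotates the key with cycle_key(). The store, the middleware stand-in and the two login views are constructed for illustration; the point it shows is that the clearing view creates one stored session per anonymous GET, the plain view creates none, and the key is still rotated at the authentication boundary.

```python
"""Model of why request.session.clear() on the login page mints a new
backend session for every anonymous request.

Added example, not Horizon's or Django's code. Only the session rules that
matter here are reproduced: clear() sets modified=True, the middleware
saves a modified session (creating a key when the client sent no cookie),
and login() cycles the key. Store, views and dispatch() are stand-ins.
"""
import secrets


class SessionStore:
    """In-memory stand-in for a Django session backend (e.g. django_session)."""

    def __init__(self):
        self.rows = {}  # session_key -> dict of session data

    def count(self):
        return len(self.rows)


class Session:
    """Subset of django.contrib.sessions SessionBase semantics (modelled)."""

    def __init__(self, store, session_key=None):
        self.store = store
        # Unknown or missing cookie -> no key yet; one is minted on save().
        self.session_key = session_key if session_key in store.rows else None
        self._data = dict(store.rows.get(self.session_key, {}))
        self.modified = False

    def __setitem__(self, key, value):
        self._data[key] = value
        self.modified = True

    def clear(self):
        # As in Django: empty the data and flag the session as modified,
        # which is what makes the middleware persist a brand-new session.
        self._data = {}
        self.modified = True

    def cycle_key(self):
        # What login() does at the auth boundary: keep data, switch keys.
        old = self.session_key
        self.session_key = secrets.token_hex(16)
        self.store.rows.pop(old, None)
        self.store.rows[self.session_key] = dict(self._data)
        self.modified = True

    def save(self):
        if self.session_key is None:
            self.session_key = secrets.token_hex(16)
        self.store.rows[self.session_key] = dict(self._data)
        self.modified = False


def dispatch(store, view, cookie=None):
    """Stand-in for SessionMiddleware: load, run the view, save only if
    modified. Returns the session cookie the client ends up holding."""
    session = Session(store, cookie)
    view(session)
    if session.modified:
        session.save()
        return session.session_key
    return cookie


def login_view_clearing(session):
    """Pattern the comment objects to: clear the session on every GET of the
    login form. The test-cookie write keeps the session non-empty, so each
    cookieless request ends up as a fresh stored session."""
    session.clear()
    session["testcookie"] = "worked"  # models set_test_cookie()


def login_view_plain(session):
    """Render the login form without touching the session: nothing to save."""
    return None


def prime_view(session):
    """Any view that writes to the session, e.g. storing a CSRF token."""
    session["csrf"] = "token"


def authenticate_view(session, user_id):
    """Model of django.contrib.auth.login(): rotate key, mark user logged in."""
    session.cycle_key()
    session["_auth_user_id"] = user_id


def anonymous_hits(view, n):
    """Simulate n cookieless requests (a scanner or DoS loop) and return the
    number of backend session rows afterwards."""
    store = SessionStore()
    for _ in range(n):
        dispatch(store, view)
    return store.count()


def login_rotates_key():
    """Key rotation at authentication happens without any clear() call."""
    store = SessionStore()
    first = dispatch(store, prime_view)
    second = dispatch(store, lambda s: authenticate_view(s, 42), cookie=first)
    return (first != second and store.count() == 1
            and store.rows[second]["_auth_user_id"] == 42)


if __name__ == "__main__":
    print("clearing view, 1000 anonymous GETs ->", anonymous_hits(login_view_clearing, 1000))
    print("plain view,    1000 anonymous GETs ->", anonymous_hits(login_view_plain, 1000))
    print("key rotated at login without clear():", login_rotates_key())
```

Run it and the clearing view reports one stored session per request while the plain view reports zero, which is the growth an unauthenticated client can drive against the session backend; the third line confirms the rotation that the comment says Django's login code already provides.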