Log a warning when we notice a probable misconfiguration of PHP sessions.

This is related to #478.

1 files changed, 8 insertions, 0 deletions

diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 8947296..7964af7 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -51,6 +51,14 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler
         }
 
         if ($previous_session) {
+            if (session_name() === $this->cookie_name || $this->cookie_name === null) {
+                SimpleSAML\Logger::warning(
+                    'There is already a PHP session with the same name as SimpleSAMLphp\'s session, or the '.
+                    "'session.phpsession.cookiename' configuration option is not set. Make sure to set ".
+                    "SimpleSAMLphp's cookie name with a value not used by any other applications."
+                );
+            }
+
             /*
              * We shouldn't have a session at this point, so it might be an application session. Save the details to
              * retrieve it later and commit.