I think there are some "side effects" I don't understand (currently) which are setting self::$_destroyed of Zend_Session at something else than a boolean. I posted on Nabble's forum : http://www.nabble.com/Zend_Session-coupled-with-Zend_Auth-throws-an-exception-in-ZF-%3E1.0.3-td17364322.html#a17401565 So, I'm not a pretty good developer, but it could be nice to add some code du Zend_Session, in the start function, at the beginning: if (! is_bool(self::$_destroyed) && !empty(self::$_destroyed) ) { require_once 'Zend/Session/Exception.php'; throw new Zend_Session_Exception('The session is set as destroyed with the value "'.self::$_destroyed.'" but has not been explicitly destroyed during this request.'); } //the code below already exists, I've just added the '===true' if (self::$_sessionStarted && self::$_destroyed===true) { require_once 'Zend/Session/Exception.php'; throw new Zend_Session_Exception('The session was explicitly destroyed during this request, attempting to re-start is not allowed.'); }