authenticated_userid ramdomly return empty when application runs under WSGI and not using pserve

[QLands Software]

Hi,

I have an application that implements Basic Authentication with no-groups no-object Authorization as described by Michael Merickel at http://michael.merickel.org/projects/pyramid_auth_demo/

My init has the following bits:

authn_policy = AuthTktAuthenticationPolicy(
        settings['auth.secret'],
    )

authz_policy = ACLAuthorizationPolicy()

config = Configurator(settings=settings,
                          authentication_policy=authn_policy,
                          authorization_policy=authz_policy,
                          )

My login view has the following code:

@view_config(route_name='login', renderer='templates/home/login.html')
def login_view(request):
    commonCSS.need()
    commonJS.need()
    siteScript.need()
    next = request.params.get('next') or request.route_url('home')
    login = ''
    did_fail = False
    if 'submit' in request.POST:
        login = request.POST.get('login', '')
        passwd = request.POST.get('passwd', '')

        print "*****LST users*********"
        for tuser in USERS:
            print tuser
        print "*************"

        user = USERS.get(login, None)
        if user and user.check_password(passwd):
            print "************"
            print "User found"
            print "*************"
            headers = remember(request, login)
            return HTTPFound(location=next, headers=headers)
        did_fail = True

    return {'login': login,'failed_attempt': did_fail,'next': next}

In subsequent views of my application I check whether an user has been login with authenticated_userid(request) for example:

@view_config(route_name='profile', renderer='templates/user/profile.html')
def profile_view(request):
    commonCSS.need()
    commonJS.need()
    siteScript.need()
    login = authenticated_userid(request)
    user = USERS.get(login)
    if (user == None):
        return HTTPFound(location=request.route_url('login'))
    else:
        totacy = len(getUserLog(user.login))
        return {'activeUser': user,"totacy":totacy,'helpers': helpers}

If I run this application with Apache and WSGI authenticated_userid() sometimes return empty and sometimes the logged user (randomly). However I try to replicate the same problem by running pserve ./production.ini And I just can't reproduce the error with pserve.

Any idea what am I doing wrong?