I have not experienced such a problem in similar situation. May be the difference is that in my case the user have establishd session (with associated cookie with it) before he posts hist user/pass.

Couldn't you establish the session when displaing the login form?