When we enable ssl for login/purchase related requests. it usually lose session when moving from ssl to non-ssl which might lead to you lost login status.
Workaround is to disable the session transition in cake core.
Below workaround works for cake1.3.4:
Cake was switching the session.cookie_secure ini value on-the-fly while under
SSL connections automatically, So the cookie being created was a secure cookie,
which the second page wouldn't recognize.
Solution, comment out /cake/lib/cake_session.php line 420 ish:
ini_set('session.cookie_secure', 1);