fixes #4574

lib/base.php

@@ -795,11 +795,16 @@ class OC {
 		) {
 			return false;
 		}
-		OC_App::loadApps(array('authentication'));
-		if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
-			//OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG);
-			OC_User::unsetMagicInCookie();
-			$_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister();
+		// don't redo authentication if user is already logged in
+		// otherwise session would be invalidated in OC_User::login with 
+		// session_regenerate_id at every page load
+		if (!OC_User::isLoggedIn()) {
+			OC_App::loadApps(array('authentication'));
+			if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
+				//OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG);
+				OC_User::unsetMagicInCookie();
+				$_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister();
+			}
 		}
 		return true;
 	}