I encountered a similar problem before, I solved it by using COOKIES instead. Sessions use server parameters, and could be reset by the server instead.
During initialization, I check if the cookie exists, then copy all settings to the current session, every changes will be updated on the cookie and session.
The reason for using both is because the client's browser does not recognize a newly built cookie unless a second request has been made (since a cookie lives with the client).
Long answer short, use cookies if you want users to stay alive for long time.
