Check to see if the session key matches. Session keys are crypted before they are held in the session to prevent someone who has access to the session data from hi-jacking it.