thought I'd post the conclusion to this original posting by myself!
The problem was due to cookies and Internet Explorer's default settings which seem to reject what it calls Third party cookies. To demonstrate this it is possible to allow such cookies by fiddling with the IE Options and then the login process works correctly.
The reason these are Third-party is because the browser has the gripped url in its address bar but the site issuing the cookie is my own computer with different ip address.
I have worked around the problem by defeating Freeparking's gripping of the url.
I am puzzled by a previous post http://www.ez.no/ez_publish/info/ez_publish_2_2/forum/general/cookieless_sessions_do_not_appear_to_work which says that ezPublish logins work without cookies if you set $UsePHPSessions = true in index.php but unfortunately this is for version 2.1 and there is no mention of $UsePHPSessions in the version 3.4 index.php. Has this setting been changed?
eZ publish 3.x does not support cookie less sessions since they are very un-secure. Since Apache logs referrer URL's it is very easy to hijack sessions stored as part of the URL, specially when linking out from a website as they will be stored in the log file on the remote server as well.
You should also always disable transparent session id's in your PHP configuration. For the same reasons.
