For the most recent stable release of CodeIgniter (2.1.3), there is a rather annoying simultaneous request problem that will kill active sessions. You might have experienced this yourself if you had a website or application with lots of AJAX requests or other simultaneous requests. The tell-tail sign was that your users would be logged out after the update session time had passed (5 minutes by default).

The solution that seemed to work for most folks involved extending the session library with your own MY_Session.php library that overwrote the sess_update method with one that only executed the update method when not an AJAX request:

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

require_once BASEPATH . '/libraries/Session.php';

class MY_Session extends CI_Session
{

    function __construct()
    {
        parent::__construct();

        $this->CI->session = $this;
    }

    function sess_update()
    {
        // Do NOT update an existing session on AJAX calls.
        if (!$this->CI->input->is_ajax_request())
            return parent::sess_update();
    }

}

/* End of file MY_Session.php */
/* Location: ./application/libraries/MY_Session.php */

You can either auto-load this library from config/autoload.php:

$autoload['libraries'] = array( 'MY_Session');

Or, you can load it later:

$this->load->library('MY_Session');