Session expires when processing payment with secpay

[craftgroup]

The store is virtually finished and were having major problems with integrating with secpay. Using the 1.2.5 secpay module the user enters the payment details on secpays servers and when the callback returns with the digest key, zencart returns the session expired template. I've tried everything but getting nowhere fast.
Any help / advise will be much appreciated.

Its very strange as the logs show 3 callbacks from secpay but secpay only claim to only do one and have said it must be zencart that do redirects:

First callback:
/index.php?main_page=checkout_process&valid=true&trans_id=The_Craft_Group20080123 101232&code=A&auth_code=9999&amount=54.65&ip=213.40.195.14&test_status=true&mpi_ status_code=234&mpi_message=Unable+To+Verify+Enrollment&zenid=ia55i32582c1h0k1vv vl1ic9c2&hash=b9645968580bfcf1c06153aac6b2a307 HTTP/1.1" 302 -

Second Callback - notice the blank zenid:
/index.php?main_page=checkout_payment&zenid=&payment_error=secpay

Third Callback - the session page:
/index.php?main_page=time_out&zenid=

[mypashop]

Same problem for me, similar technique used by the payment provider.
I am looking to streamline my payment module to fit better in the zen-cart module technology and encounter the same problem.

However, i will outline how it worked before i worked on streamlining.
It worked fine, when the response handling happened in a dedicated file
on root level of the zencart.
That dedicated file had to be in the root level, in order to make no errors because of including the the application_top.php.
It contains include app_top, response handling, redirect to checkout success, include app_bottom.

My last issue with streamlining is this one,
session expired when gateway sends message.

[mypashop]

]http://www.zen-cart.com/forum/showthread.php?p=502437