CMS/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php .. Will be set to TRUE if the login session is actually written during auth-check..