Thanks Jason - but unfortunately, neither solution works!
Meanwhile, I have set various 'create session x if session x is missing' on the restricted page, so at least that solves the problem temporarily.
(BTW - have I missed something in the login behaviour to redirect to the previous page after login if access denied?)
Cheers
Chris