I have actually successfully used the deeplink with an active session in the past.
The Java code has been designed to accommodate to re-use existing session. If the deeplink module would recreate the session or require you to login every time that could give you some frustrating results.
The variables arguser and pass aren't necessary though. Those are intended for logging in using a url such as: /link/Test?username=MxAdmin&password=1
However there is a function that should evaluate the request and check if there is an active session. That step in the process (Stardeeplink.java:line130) should get the active session and use that for the deeplink.
The debug message you are referring to is incorrect though. It says that there is no session found, while in fact that message should say that no username/password have been provided.
There are no debug messages that actually provide you with the information you are looking for.
This part of the deeplink is not functional. If fact the login cookie is set in a sub routine. You could adapt the above part by retrieving the username and session from the cookie and check whether this valid.
Your case is also visible if you call the same deeplink twice in the same browser, it will create two sessions, which is not needed.
Jasper is correct. I've done some further code-level debugging, and it turned out the code itself is correct, but the debug/trace messages are confusing.
The reason that the deeplinks kept redirecting to the main page was not that there was no session available (as the log message suggested), but that in our Mendix project, a role-based homepage was set for the user in question. That role-based homepage didn't contain the deeplink logic (instead it simply called a page).. Result: The pending link was correctly generated, but the homepage call for the user never picked up on it.
Thanks for the input people!
Basically, calling a deeplink to access a page using an existing user session does not currently work? Good to know. Means I'm not wasting time trying to find a workaround :)
Thanks for the answer & the advice!