ad_user_login will eventually call ad_set_signed_cookie.
If you check the code https://openacs.org/api-doc/proc-view?proc=ad_set_signed_cookie&source_p=1, there is actually an explicit reference to the "0" value, so that it will behave exactly as "Inf" concerning the validity of the cookie.
Do I understand correctly your question, or am I missing something?
Ciao
Antonio
grazie mille! Yes, that explains everything. That change isn't in our older code base and I didn't think to check that proc in the latest versions. Problem solved.
Thanks again Brian