diff --git a/application/forms/Authentication/LoginForm.php b/application/forms/Authentication/LoginForm.php
index fa39af35f..9955c92d1 100644
--- a/application/forms/Authentication/LoginForm.php
+++ b/application/forms/Authentication/LoginForm.php
@@ -11,12 +11,6 @@ use Icinga\Web\Form;
  */
 class LoginForm extends Form
 {
-    /**
-     * Disable CSRF protection
-     * @var bool
-     */
-    protected $tokenDisabled = true;
-
     /**
      * Interface how the form should be created
      */
diff --git a/library/Icinga/Web/Form.php b/library/Icinga/Web/Form.php
index a1564fb27..d6f07cd3a 100644
--- a/library/Icinga/Web/Form.php
+++ b/library/Icinga/Web/Form.php
@@ -10,6 +10,7 @@ use Zend_Config;
 use Zend_Form_Element_Submit;
 use Zend_Form_Element_Reset;
 use Zend_View_Interface;
+use Icinga\Web\Session;
 use Icinga\Web\Form\Element\Note;
 use Icinga\Exception\ProgrammingError;
 use Icinga\Web\Form\Decorator\HelpText;
@@ -112,7 +113,7 @@ class Form extends Zend_Form
     public function getSessionId()
     {
         if (!$this->sessionId) {
-            $this->sessionId = session_id();
+            $this->sessionId = Session::getSession()->getId();
         }
 
         return $this->sessionId;
diff --git a/library/Icinga/Web/Session/PhpSession.php b/library/Icinga/Web/Session/PhpSession.php
index 729710bce..355d31186 100644
--- a/library/Icinga/Web/Session/PhpSession.php
+++ b/library/Icinga/Web/Session/PhpSession.php
@@ -191,6 +191,15 @@ class PhpSession extends Session
         }
     }
 
+    /**
+     * @see Session::getId()
+     */
+    public function getId()
+    {
+        $this->open(); // Make sure we actually get a id
+        return session_id();
+    }
+
     /**
      * Assign a new sessionId to the currently active session
      */
diff --git a/library/Icinga/Web/Session/Session.php b/library/Icinga/Web/Session/Session.php
index 8ae45755e..0c60d7f98 100644
--- a/library/Icinga/Web/Session/Session.php
+++ b/library/Icinga/Web/Session/Session.php
@@ -54,6 +54,13 @@ abstract class Session extends SessionNamespace
      */
     abstract public function refreshId();
 
+    /**
+     * Return the id of this session
+     *
+     * @return  string
+     */
+    abstract public function getId();
+
     /**
      * Get or create a new session namespace
      *