Session handling in Laravel is indeed different from native PHP session. To use native PHP session, set the value as below:

<?php
    session_start();

    $_SESSION['isAuthorized'] = 'yes';

    echo $_SESSION['isAuthorized']; // output yes
?>

Laravel uses storage drivers for its sessions, namely cookie, file, database, memory, memcached and redis (and APC in Laravel 4).

The web is a stateless environment. This means that each request to your application is considered unrelated to any previous request. However, sessions allow you to store arbitrary data for each visitor to your application. The session data for each visitor is stored on your web server, while a cookie containing a session ID is stored on the visitor's machine. This cookie allows your application to "remember" the session for that user and retrieve their session data on subsequent requests to your application.

^{http://laravel.com/docs/session/config}

The default storage driver is Cookie, so try this:

print_r($_COOKIE);

Please note that this answer is specific to Laravel 3

Laravel doesn't use PHP sessions, so forget session_start(), $_SESSION, etc.

If you're running with file session driver, the session data is stored in a file in storage/sessions. You can obtain the name of the file by reading the Laravel session ID from the cookie. So the hacky way to solve your problem would be to write some code that obtains the session ID from the cookie and then looks for the file with that name in the storage/sessions folder, read that file in, json_decode() it and you can read the whole thing.

If you're running with cookie session driver, all of the session data is stored in the cookie, but it is encrypted, so you'd have to have a copy of the key (which should be in application/config/application.php) and then figure out what encryption method Laravel is using so you can decrypt it. Then you can read all the session variables.

To achieve what you're hoping to achieve - that is, figure out if the current person is authorized, it might be better to build an API into your app and secure it so that it can only be accessed by localhost. Not a great solution from a performance standpoint, but potentially more elegant because you're not hacking around with the internals of Laravel session management.

You could also write a session adapter, so the $_SESSION variable will be an instance of it:

<?php 
class SessionAdapter implements \ArrayAccess {

  public function offsetExists($offset) {
      return Session::has($offset);
  }

  public function offsetGet($offset) {
      return Session::get($offset);
  }

  public function offsetSet($offset, $value) {
      return Session::put($offset, $value);
  }

  public function offsetUnset($offset) {
      return Session::forget($offset);
  }

}

And then somewhere in your code:

<?php 
$_SESSION = new SessionAdapter();
// or
$GLOBALS['_SESSION'] = new SessionAdapter();

This way native PHP session and Laravel session will be "the same".