Advice re Sessions and DataSource looping please

Not sure what I'm doing wrong, I would appreciate some help/advice. I'm using SoapUI 4.0.0, and I've been using it for the grand totoal of about 8 hours so far, so I'm very much new to this.

I'm trying to put together a test suite to exercise part of our api. The test steps are as follows:
1 Properties
2 "REST Login"
3 Property Transfer
4 MySQL DataSource
5 "REST can"
6 Datasource Loop

Properties holds one item, sessionID
REST login performs a login to our service. XML returns (for example)
<root>
<error>200</error>
<errorText>OK</errorText>
<data/>
<loggedIn>1</loggedIn>
<yourSession>1t1972j5p8tmua4n58bdcid2q6</yourSession>
</root>

Property transfer has one transfer, named sessionID, which does an xpath lookup of //yourSession from REST Login ResponseAsXML, to Target: Properties Property: sessionId

MySQL Datasource picks up 2 columns from a local database, Range and Number (Limit 5 rows, for testing)

REST can is a call to our api, url of form http://mydomain/rest/7310/canMapNumber/<RANGE>/<NUMBER>?rt=xml&to=012345678
Range parameter in url is value ${MySQL DataSource#test_range}
Number parameter in url is ${MySQL DataSource#test_number}
There is one Header for the call: Header: Cookie Value: PHPSESSID=${sessionId}

When I run the Test Case, The MySQL bit works great - each call is constructed correctly with values from database. However, Each call fails with "Not Logged In" error from api, and when I look at the Raw request info, I see:
GET https://mydomain/rest/7310/canMapNumber ... =012345678 HTTP/1.1
Accept-Encoding: gzip,deflate
Cookie: PHPSESSID=1t1972j5p8tmua4n58bdcid2q6
User-Agent: Jakarta Commons-HttpClient/3.1
Host: mydomain
Cookie: $Version=0; PHPSESSID=1t1972j5p8tmua4n58bdcid2q6; $Path=/

which has 2 Cookies for PHPSESSID.

Any idea what I'm doing wrong ?