We have a federation setup and webagentoption pack is configured on JBoss and webagent is configured on Apache 2.4.User logs in successfully.
When the user clicks on logout, webagent marks the SMSESSION as LOGGEDOFF also the IDP cookie is deleted.
Now in the same browser when user tries to login again, IDP challenges the user and after successful authentication, SAML token is sent to SP (JBoss). WebagentOption Pack on JBoss receives the SAML and creates the SESSION cookie. it creates another SMSESSION cookie and does not delete the existing SMSESSION cookie which is marked LOGGEDOFF.
When the user is redirected to target there are 2 SMSESSION cookies. We are having issues because of these 2 cookies.
Is there a way to configure webagent option pack to delete the SMSESSION cookie which is marked LOGGEDOFF when it creates a new SMSESSION cookie?