Defect HC-18256

Invalid cookie error after session expires when AllowMultipleLogonForSameUser enabled and using WCTokens


Customer case Applies to Corrected in
CS0299461 V8.0.4.28

Observed behavior

When AllowMultipleLogonForSameUser is enabled, making a REST request to an API that allows partial authentication, using WCTokens and WC_PERSISTENT cookie, after the session has expired results in INVALID_COOKIE error in the REST response.

Expected behavior

There should be no invalid cookie error message generated.


The ActivityAuthenticationCookie logic was incorrectly checking for "Active" activities instead of "not Terminated". The code has been corrected.