[BUGFIX] rsaauth: remove session-cookie when no longer used