I think there's a bug on php agent. The function:
function getSessionId() {
return $_COOKIE['JOSSO_SESSIONID'];
}
is not giving the right session id. The agent is returning 'JOSSO_SESSIONID' cookie's value relative to each partner's app. I think it should return the login server's (josso's) session id. I compare the cookie generated by two partner apps and it's different if I login in one of them.
Is there a way returning correct 'JOSSO_SESSIONID' regarding $_COOKIE only return cookie values on the requested domain? Or is there a patch for this?