We should add support for session cookie with configurable name containing the session id used as nonce for Authentication Requests.