Current implementation of the ZOO-Kernel does support cookie handling. Nevertheless, this imply an unicity in cookie variables named "ID" or containing the "ID" string in its name.

It means that when you are requesting ZOO-Kernel providing a cookie variable named "ID" or containing the "ID" string (let say AuthID) it will try to load the corresponding session file. Obviously this last doesn't exist as the session was not created from a ZOO-Service. In such a case, the ZOO-Kernel failed returning an ExceptionRepport? such as in Milan's mail [1]. So, it imply that the ZOO-Kernel is not usable until the user's session expires or cookie are manually cleared.

[1] ​http://lists.osgeo.org/pipermail/zoo-discuss/2013-July/000981.html