From 3e2a4283c1503b2ae1e0d34b583ed6a0e8f794e7 Mon Sep 17 00:00:00 2001
From: Alexey Kontsevoy <biz.kovoy@gmail.com>
Date: Fri, 12 Jul 2019 09:14:13 -0400
Subject: [PATCH] Do not clear cookies when bearer token does not match

---
 lib/web/apiserver.go | 2 --
 1 file changed, 2 deletions(-)

diff --git a/lib/web/apiserver.go b/lib/web/apiserver.go
index a9dd1c558524d..6fdca750060f2 100644
--- a/lib/web/apiserver.go
+++ b/lib/web/apiserver.go
@@ -1999,8 +1999,6 @@ func (h *Handler) WithClusterAuth(fn ClusterHandler) httprouter.Handle {
 		ctx, err := h.AuthenticateRequest(w, r, true)
 		if err != nil {
 			log.Info(err)
-			// clear session just in case if the authentication request is not valid
-			ClearSession(w)
 			return nil, trace.Wrap(err)
 		}
 		siteName := p.ByName("site")