Ecommerce login/logout don't work properly for trunk and stable and even old

Here are the tests I did and their results. I did not consider R14/15 because of OFBIZ-9235

On demos before fixing OFBIZ-9206 and using ofbiz-vm2 direct access

ecomseo trunk and stable (R16)

1. Get to https://demo-trunk.ofbiz.apache.org/ecomseo/ or https://demo-stable.ofbiz.apache.org/ecomseo/
2. login => main page logged in
3. logout => main page, not logged in
4. login => main page logged in
5. Use the "Not you" link => 404
6. Refresh (F5 key) get you to the main page, not logged in

So it works almost correctly but you need a refresh (F5 key) for the "Not you" link, not sure why yet.
It"s the same locally with OFBIZ-9206 fixed*, w/ or w/o portoffset

ecommerce trunk and stable (R16)

1. Get to https://ofbiz-vm2.apache.org:8443/ecommerce or https://ofbiz-vm2.apache.org:18443/ecommerce
2. login => blank page (no 404 in access log)
3. Refresh (F5 key) get you to the main page, logged in
4. logout => blank page (no 404 in access log)
5. Refresh (F5 key) get you to the main page, not logged in
6. login => blank page (no 404 in access log)
7. Refresh (F5 key) get you to the main page, logged in
8. use the "Not you" link => blank page (no 404 in access log)
9. Refresh (F5 key) get you to the main page, not logged in

So it works almost correctly but you need a refresh (F5 key) between in the 3 cases, not sure why yet.
It's the same locally with OFBIZ-9206 fixed, w/ or w/o portoffset

Old (R13) on demo (no ecomseo before R14)

1. Get to https://ofbiz-vm2.apache.org:28443/ecommerce
2. login => you need to enter it twice => main page logged in
3. logout => main page, not logged in
4. login => main page logged in
5. use the "Not you" link => main page, not logged in

So it "works" but initially you need to enter the credential twice to login
It's the same locally with OFBIZ-9206 "fixed" (I'm not yet sure about that, I need to test on demo), w/ or w/o portoffset