Fixed bug where session.stop was not delegating at all times to the security manager (required for the security manager to clear out a cookie in web environments)
incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/subject/DelegatingSubject.java