[FIX] http: correct authentication via JSON-RPC.

Since 31d817e, we rotate then session at login/logout.
Unfortunatly, `openerpframework.js` does not support session id change
at authentication and keep old one.

In order to keep compatibility with existing js clients (including 7.0
ones), we do not rotate the session at authentication.

Fixes #6948
Closes #6949

openerp/http.py

@@ -955,7 +955,6 @@ class OpenERPSession(werkzeug.contrib.sessions.Session):
             uid = dispatch_rpc('common', 'authenticate', [db, login, password, env])
         else:
             security.check(db, uid, password)
-        self.rotate = True
         self.db = db
         self.uid = uid
         self.login = login