This is expected. The Session Cookie will be missing for all requests that are:
XOG/SOAP - contains the authentication in the body, not in the cookie A bookmark used, i.e.: homeActionId If a user connects to PPM using a bookmark or link such as: http://SERVERNAME/niku/nu#action:homeActionId http://SERVERNAME/niku/nu#action:npt.overview etc. It will first direct him to the URL, then determine user is not logged on and send him to the login page.
Same happens if user was timed out and they get back to the browser and refresh the page.
Having this session cookie not defined is normal and expected at this stage.