Check here: https://blogs.adobe.com/connectsupport/using-the-xml-api-with-enhanced-security/

Basically, you need to make a second common-info call after logging in to obtain a second session cookie. The session cookie obtained before login will be invalid if enhanced security is turned on in Adobe connect. You can just assume that enhanced security is on since, if it isn't, the second common-info call will return the same session cookie as the first.