Although I've set isPersistent to false, the authorization cookie is persisted between sessions. This only happens with IE8. With other browsers it works as supposed.
Sys.Services.AuthenticationService.login(username, pw, false, null, null, null, null, "User Context")
This is because IE8 treats sessions differently.
For instance, if you open 2 IE8 windows at the same time and go to web site, login as user A, then visit the same site in the other window, it will have shared your session. Then if you logout and the login as user B in the other window, then go back to first window and refresh, you will be logged in as user B there too.
You can't force the browser (IE8) to behave differently by code, you can, however force IE8 to open up with a new session by opening up a new window then go to File - New Session. Alternatively, you could start IE8 from the command line using:
iexplore.exe -nomerge
for more information on the new Process model of IE8, see this article