Hi,
try to comment your custom headers (i.e. restore original behavior) and configure your angularjs requests to have withCredentials set to true. Then check your second request (e.g. using network tab under developer tools) and verify if cookie is passed. Please, advise.

Kind regards,
Luigi