In case of Access Manager session upgrade, a new session is created by copying contents of old session and old session is destroyed. So if you observe the content of iPlanetDirectoryProCookie, it changes its value.
In case of Access Manager forceauth, it will be the same session. So, if you observe the content of iPlanetDirectoryProCookie, it does not change its value.
How to test this forceauth behavior?
1. http://host:port/amserver/UI/Login?module=DataStore. Complete successful authentication.
2. http://host:port/amserver/UI/Login?module=LDAP&ForceAuth=true. This will now kick in force auth.