It sounds like you need to introduce some Session Management and/or page expiry (e.g. When should a session expire), here is a link to an introduction on sessions in Java, hopefully that helps get you started!
This is a client side issue, so I don't think any server software will solve it. If I interpret it correctly, then the question is about why a new window transmits cookies that were set in a different window. Different browsers handle this in different ways, so there may not be much that the web app can do about it.
Why is the behavior you describe a problem? Why should a user need to log in twice just to run an application in two windows? [ September 30, 2008: Message edited by: Ulf Dittmer ]
Joined: Aug 06, 2008
You could be correct. I took the problem to be if they copied the URL. Manually opened a new browser before or after closing any browsers currently open and then pasted the URL.
I know IE will copy some stuff from the open browser to any browser the browser opens. I hope you understand what I mean here.