session objects are stored in server, right? when user close your ie or nets. window(with a valid session created) the server turn this session invalid. What�s the listener or some thing that exec this "session.invalidate"??
When a browser window is closed or the browser program is exited, there is no message sent to the web server. As far as the server knows, that session is still open. When the session timeout occurs, then the servlet container calls the HttpSession.invalidate() method.