log out is not happening properly

this question is related to javaranch

i clicked on the close (x )button of web browser and after some time i opened the web browser again then i saw,my session is not logged out.

please give me the detail description of web browser(x) button and (logout) button of an application
what we do for both in the program so that application invalidate your session?

Closing the browser will not necessarily log you out. It usually happens in Financial web sites due to tough security reason/policies.

When you click log out button on any website it invalidates the session and hence logs you out.

I am pretty sure you can find more precise answer by searching in javaranch forums or just google it.

Not quite right.

It is a common mistake to confuse authorisation with session management. While authorisation (logins) are typically backed by the session, it is not mandatory and certainly not the case in some containers.

It can also be the case that invalidating the session does not log the user out. One example is Websphere, where container managed security is implemented using a separate encrypted cookie managed by the container. If your session expires (or is invalidated) but the security cookie is still valid, you will be given a new session.

Also, there is a difference between in-memory and persistent cookies. Again typically sessions are stored using in-memory cookies, so that closing the browser makes them go away. It is still possible to use persistent cookies, in which case closing the browser will not log you out, much like the JavaRanch cookie.