I’m working on a way to handle session information on all of our web applications. The way that we were doing things resulted in a situation in which if I log in and then log out and you log in without closing the browser, you would still be logged in as me. Oops! Good thing that we caught this well before outside users gained access to the applications… In order to fix this, I decided to cause all of the sessions for all of the applications you currently have open to expire as soon as you log out from the portal application. The name I chose for this function?
It’s the only way to be sure.