Invalidatig session when URL is copied on new browser window
I am facing the below issue:
1) Launch the application - the url now has jsessionid appended to it and I come to some intermediate screen
2) Copy the url containing the jsessionid
3) Open a new browser window (on the same machine), paste the url there and hit it. I get the screen that i got in step 1 in the previous window.
I dont want step 3 to happen. Instead I want the session to get invalidated if step 3 is executed.
I did the same thing just out of curiosity with icici bank website where i logged in, then copied the url and pasted it in another browser and tried hitting but the session got expired.This is what I want with my application. Note that I am not using any database in my application.
Can some one help me out how to acieve this? Is there a way to find out that the request to the same sessionid is coming from a different browser window than from which jsessionid was actually created. Any pointers to this would be highly appreciated.