Spring Security. How to disable session sharing on multiple tabs of the same browser?

Question

Spring Security. How to disable session sharing on multiple tabs of the same browser?

As you know, Spring Security provides JSESSIONID in a cookie-based session management solution, it allows you to transfer the same JSESSIONID information on multiple tabs of the same browser.

According to OWASP guidelines, it should not be shared.

Is there a way to disable this exchange in Spring Security?

0

spring spring-security session-cookies session

Ketan Sep 28 '13 at 10:11

source share

1 answer

Ralph · Answer 1 · 2013-09-28T10:51:16+0000

My first idea: "Unable to prevent the browser from doing this."

But then I found it

HTML5 SessionStorage (window.sessionStorage). . . fooobar.com/questions/53008/...

, .

Spring Security. How to disable session sharing on multiple tabs of the same browser?

More articles: