I have a web application which uses user browser cookie to perform Single-Sign-On after user�s login to the system. I�m experiencing a problem lately that user session stays with old user even after he do a logout or close the browser. I remember that if the expiry is not set the cookie stays only till the life of the browser, right? I�m using http Cookie class to set the cookie token and cookie name/value.
The problem solves when the users manually got to IE option and delete the cookies and temp files. Then if he login it works fine.
Is there a way to get around this problem? We experience this happening not with all users, but with some of them (most of XP users). Is there a specific thing need to be done on my JSP or some configuration to be set on end-user�s machine? We cant say each users of same machine to go each time to go to IE options and do the clear process. Please advice. Any input on this is appreciated.