I dont think there is some straight forward way for this. These are my thoughts.
Assuming that, you are using a central servlet, where every request goes to the servlet and distributes from there.
(1) Application should not allow logging in with same username/password from other PC.
(Have a singleton class or instance hashmap to store the active user information to know who logged-in and logged out at a moment, for this you can use sessionBindingListener which fires an event whenever a user logged in, loogedout. with this u can restrict the user not to login second time).
(2) Application should not allow logging in with same username/password from same PC using
another browser window.
(3) Application should able to handle unexpected log out like shutting down PC, crashing browser window, accident killing of browser window etc.
(The extension of the above answer. This is little difficult to achieve, because there is no control on closing the borwser. THe session will expire only after certain amout of time. so u cant control that. My sugession is that, maintain a window name for the result page(or login page). pass the result to that window. so, even if a person trying to login from two browsers, his response will go to only one browser..)
But....!!!

user can still use the two browsers. After he logs-in and press control+N, the same session will be shared, and he can operate on these two windows. How can you control that?? he need not even log-in second time to use another browser.