We are experiencing the following problem with the latest versions of IE and FF in regards to sessions. If anyone has encountered these problems before, any insight would be valuable.
In FF: An ongoing problem where sessions are saved across multiple tabs and windows in the same machine. This means that users that are logged in to one of our portals can open a new tab or window and be logged in here.
In IE7: Similarly, but different windows use different session data. However tabs are the same as FF.
In IE8: Ok, something really strange is happening here. Session data is saved on a domain basis for each window, so a new window behaves as a new tab would if it is in the same domain. On a different domain, different windows have different sessions, so the user is not automatically logged in.
These problems are mostly frustrating for the development team trying to debug across multiple portals. But we are starting to wonder if this is a security issue, and how we can work around it. Is this just a flaw in these browsers that web developers must accept, or has anyone come up with a suitable workaround for them? As I said before, your input will be appreciated.
Thanks in advance,