Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

How we can expire session in web application when we close a tab of browser?

user-image
Question added by Mohamad JAvad Khazali , Information Security Expert , Saman Bank
Date Posted: 2013/10/30
Prasath J
by Prasath J , Associate - Projects , Cognizant Technology Solutions

Session Invalidation from both client and server side while closing the browser.

 

Vishal Bhawnani
by Vishal Bhawnani , Assistant Manager - IT Security , Wall Street Exchange Centre LLC

Kill the logged in user session cookie when the logout option is been called & when the browser is closed terminate/flush that session cookie value so that the same cookie value can't be reused.

Deleted user
by Deleted user

Verify that the session id is changed or cleared on logout.

Verify that sessions are invalidated when the user logs out.

 

 

Verify that the session id is changed or cleared on logout.

Verify that sessions timeout after an administratively-configurable maximum time period regardless of activity (an absolute timeout).

Verify that the session id is changed on login to prevent session fixation.

Verify that the session id is changed on re-authentication.

 

More Questions Like This