Maximum sessions of 1 for this principal exceeded

[asmx]

hello ;
i need your help
i'm using spring security 3.0.5
remember-me with session control
i note that in my controller i use an HttpSession to store data
;
in my spring-security.xml i have

<remember-me key="keys" token-validity-seconds="60"/>
<session-management invalid-session-url="/index.htm">
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
</session-management>

in web.xm i have or.spring......web.session.HttpSessionEventPublish er

but when i close the browser and open it
i get this error :

authentication failur: Maximum sessions of 1 for this principal exceeded

like it try to login again with the previous cookies of remember-me
any helpe please ?

[asmx]

any one here !!!!!!!!!!!!!!

[Marten Deinum]

Use the search...

The fact that you close your browser doesn't destroy the serverside session you do however remove the connection between the client and server (the cookie storing the sessionid is removed). This leads to the server thinking that you are connecting with a new browser.

This is a fact and you can login again after the session timeout it has nothing to do with your remember-me cookies or whatever.

There is however no solution for this (at least not one that is 100% watertight), you could create a javascript hack which prevents the browser from closing (you can show a popup) but that isn't a really reliable solution. (And basically website/-apps that do this are really anoying IMHO).

[asmx]

thank's
i understand