The session shouldn't carry over to the new browser. How are you defining a session? How are the values being sent to the backend (ie. Spring, Struts)? Is there an auth procedure being used to...