You didn't get my point!
Suppose I set the session timeout value to 20 minutes, if the user closes the window after 10 minutes of his login and a new user requests the url on the same PC after 5 minutes of the last user logout process, the new user will be taken directly to the account of the first user without enterin' user ID or Password.
I hope you got my point now. This idea is implemented in hotmail.com ......... I need the solution guys.
With regards