Multiple sessions possible per user

If a user opens 2 web pages simultaneously they will create 2 sessions.

Usually this would not matter but it does create a problem for remember me functionality when 开发者_如何转开发attempting to rotate cookie tokens as recommended in the persistent login cookie best practices. There seems to be no way to rotate both cookies correctly where both sessions are opened simultaneously.

How can I resolve this?

I use Tomcat and Struts 1, but I think this is framework independent.

extending @Thilo answer He is correct, any subsequent access to other page will follow send the cookies for that domain. e.g open gmail, login and now open gmail in other tab or window it send the cookie for that domain. since the cookie hold the session information on any subsequent request only session id/value will be changed. You can check it using firebug and its extension fire-cookie. On matter of avoiding remember-me problem as said in the link you specified it is more to design problem as how you are handling it.