As far as I know sessions are destroyed when you close a browser window, with my application when I test it on Chrome the cookie storing the session id somehow remains stored on the pc (even though Chrome is set to delete cookies on browser close), but when I access my application again after closing chrome the login screen is displayed, meaning that the session has been destroyed and I need to login again.
On Firefox however, when I close it and reopen and try to access a secure page I still get allowed in, why could this be happening?