Index: lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java
===================================================================
diff -u -r2c77fd87b16db132d3e8cc0f1d0a00b93add0a1b -r3360bf7f32bc31b25116f4e15685cac534eee01e
--- lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision 2c77fd87b16db132d3e8cc0f1d0a00b93add0a1b)
+++ lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision 3360bf7f32bc31b25116f4e15685cac534eee01e)
@@ -196,6 +196,16 @@
 	    ssoCookie = createCookie((HttpServletResponse) res, SystemSessionFilter.SSO_SESSION_COOKIE, currentSessionId);
 	    SessionManager.log.debug("==>Creating new " + SystemSessionFilter.SSO_SESSION_COOKIE + " - " + ssoCookie.getValue());
 	}
+	
+	Cookie cookie = findCookie((HttpServletRequest) req, SystemSessionFilter.SYS_SESSION_COOKIE);
+	if (cookie == null) {
+	    // If a session exists in the request without a corresponding JSESSIONID cookie, assume
+	    // user lost their cookie or closed their browser, so invalidate the session
+	    HttpSession session = ((HttpServletRequest)req).getSession(false);
+	    if (session != null) {
+		session.invalidate();
+	    }
+	}
 	 
 	setCurrentSessionId(currentSessionId);
 	// reset session last access time