For the new application, develop a filter or a handler that for a request checks to see if there is an Authorization in the shared memory associated with the SESSIONID from the request. If it's no longer there, force spring to destroy this session, logging you out.