I have the second web app not calling up the Login.aspx page when the first web app is signed on properly, so that's progress. (Please see attached code for web.config)
The problem I have is that when I close the first application, I need the cookie deleted so refresh calls up the login screen on the second application. Also, the cookie nener goes away and the second web app can be started and restarted without a login.
I know the lont timeout is a factor, but I do not want to wait even one minute (the minimum) before blocking access from the second site. Once he first site is closed I want access blocked immediately from the second site.