The HTTP session cookie will be shared between tabs in the same browser. That means that the server cannot distinguish between the tabs based on that alone. You'd have to come up with some way to pass the identity of the window/tab to the server in every request.
So, you don't want users to have multiple windows/tabs on the same session?
I've heard of (and implemented) not allowing more than one session for a user, but only one window seems a little extreme.
many thanks for your help. Then we will make a redirect on the login-page to the main-page if a login already exists so that's not possible to login as another user and everything is ok.