Hi Frederic,
for Protocol reasons it is not feasible to check for a single login (which is your intended behaviour I guess). Reason here is, that for SAP-GUI we have a permanet TCP connection. The Protocol itself gives us a clear statement, there is a new login coming (someone launching the SAP-GUI to connect to the backend instead of for instance just opening a new mode).
This features is not part of the HTTP protocol. There just opening a new window for an already existing session will lead to same execution flow as a direct acccess from a new window on the protocol layer. In fact even the IP can change in HTTP without the app loosing the connection (you may try it in bigger WLANs, moving from one section to an other if the IP changes the SAP-GUI wil break but the HTTP session will stay). So just checking the IP is not feasible either without breaking one of the main features of the HTTP protocol.
If you could provide more info on the use case, there may be some other option to avoid the issue you are facing.
regards,
Patrick