It depends on the server side session mechanism of you web application. You need to propagate the session ID correctly with the URL passed to PD4ML.
For the regular J2EE application a solution is to add the jsessionid parameter to URLs:
How will this work with .Net MVC. need it to render an MVC action that is based on an authentication requirement.