Hello,
when I log just into backend, Im automatically get access into frontend restricted area as well, despite there is only one entry in session table (client_id is set to 1). After logging out session table is not updated (session_id is still conected with certain user).

Im using Joomla 1.5.11 and JMS 1.1.23 with 1.1.11 patches version.

JMS does not manage sessions except when working on localhost to give a facility to simulate URL.

Therefore if you are working on a real domain, I can tell you that JMS does not use the sessions.
I suppose this is a standard Joomla behavior.

When a PHP session is open, it remains open whatever the place you are in Joomla.
This means that you can go in any webpage of your website (back-end or front-end) and the sessions will remain open.

Thanks for quick reply.

Im running my site on localhost, maybe thats the reason of this behaviour. I dont think its standard Joomla issue because when I uninstall JMS patches everything is fine again.

Joomla stores session information in #__session table. If you access Joomla (both front and backend) in same browser there should be two separate entries in session table created (with client_id = 0 for frontend and 1 for backend). When JMS patches are installed and user logs out new session entry should be created (old one should be deleted). Its not happening. Old session is kept.

When working on localhost, JMS use the session to simulate any domain or sub-domain.
See procedure described in the forum /forum?func=view&id=303&catid=17#303

Ive tried to run it online, and it works fine with patches installed, so as you said its localhost issue.