diff --git a/config/alfresco/authentication-services-context.xml b/config/alfresco/authentication-services-context.xml
index 312628f3d3..896ae744fe 100644
--- a/config/alfresco/authentication-services-context.xml
+++ b/config/alfresco/authentication-services-context.xml
@@ -604,10 +604,13 @@
 				</property>
 				<!-- If ticketsEpire is true then how they should expire -->
 				<!-- AFTER_INACTIVITY, AFTER_FIXED_TIME, DO_NOT_EXPIRE -->
-				<!-- The default is AFTER_FIXED_TIME -->
+				<!-- The default is AFTER_INACTIVITY -->
 				<property name="expiryMode">
 					<value>${authentication.ticket.expiryMode}</value>
 				</property>
+				<property name="useSingleTicketPerUser">
+					<value>${authentication.ticket.useSingleTicketPerUser}</value>
+				</property>
 			</bean>
 		</property>
 		<property name="interceptorNames">
diff --git a/config/alfresco/repository.properties b/config/alfresco/repository.properties
index 824b1829ef..e7145a042d 100644
--- a/config/alfresco/repository.properties
+++ b/config/alfresco/repository.properties
@@ -677,6 +677,10 @@ authentication.ticket.expiryMode=AFTER_INACTIVITY
 # The default is PT1H for one hour.
 authentication.ticket.validDuration=PT1H
 
+# Use one ticket for all user sessions
+# For the pre 4.2 behaviour of one ticket per session set this to false.
+authentication.ticket.useSingleTicketPerUser=true
+
 # If kerberos.authentication.cifs.enableTicketCracking is false, 
 # the Kerberos ticket cracking code is switched off.
 # This code was required to get mutual authentication with a Windows AD client working in earlier versions of Java (version 5 or earlier). 
diff --git a/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java b/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
index f35af0f6e8..7cbd328176 100644
--- a/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
+++ b/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
@@ -338,8 +338,14 @@ public class AuthenticationTest extends TestCase
         pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
         String ticket1 = pubAuthenticationService.getCurrentTicket();
         pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
-        assertFalse(ticket1.equals(pubAuthenticationService.getCurrentTicket()));
-        
+        if(ticketComponent.getUseSingleTicketPerUser())
+        {
+            assertTrue(ticket1.equals(pubAuthenticationService.getCurrentTicket()));
+        }
+        else
+        {
+            assertFalse(ticket1.equals(pubAuthenticationService.getCurrentTicket()));
+        }
     }
     
     public void testGuest()
@@ -736,7 +742,9 @@ public class AuthenticationTest extends TestCase
     }
 
     public void testTicketExpiryMode()
-    {
+    {   
+        ticketsCache.clear();
+        
         InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
         tc.setOneOff(false);
         tc.setTicketsExpire(true);
@@ -878,6 +886,7 @@ public class AuthenticationTest extends TestCase
 
     public void testTicketExpires()
     {
+        ticketsCache.clear();
         InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
         tc.setOneOff(false);
         tc.setTicketsExpire(true);
@@ -1036,7 +1045,14 @@ public class AuthenticationTest extends TestCase
 
         String ticket2 = authenticationService.getCurrentTicket();
 
-        assertFalse(ticket1.equals(ticket2));
+        if(ticketComponent.getUseSingleTicketPerUser())
+        {
+            assertTrue(ticket1.equals(ticket2));
+        }
+        else
+        {
+            assertFalse(ticket1.equals(ticket2));
+        }
     }
 
     public void testAuthenticationService1()