Internet browsers will cache the credentials of a user during the same browsing session and will automatically try these credentials before prompting the user again. In this case, the browser has no way to know that a different user is now using the workstation. If User A had closed the browser, this would not occur. Educating users to close the browser is one method to combat this, but it is not always practical.
One option would be to change the default authentication type to forms based authentication. When using forms based authenticaiton, the browser will not autmatically send the credentials so this situation is avoided. The downside to this configuration is that all users will be prompted for authentication and users will lose the single sign on experience. You can find the instructions on how to do this here.
Maheshkumar S Tiwari edited Original. Comment: Added Tag