I am working on a feature where my application will not allow multiple active

Question

0

Asked: June 5, 20262026-06-05T04:30:01+00:00 2026-06-05T04:30:01+00:00

I am working on a feature where my application will not allow multiple active

0

I am working on a feature where my application will not allow multiple active login from same user. When a user logs in from a new machine/browser, the previous login is invalidated and user is redirected to login page on the old machine/browser.

I am able to achieve this by:
1. storing a unique sessionid for logged in user in the HttpApplicationState object
2. Whenever user logs in this session id is updated in the object so there is always the most recent session id.
3. This session id is also stored on client side in a cookie
4. For every request the client makes I compare this cookie value with the Application value and if different I log the user out.

5. To compare this session id in every request I have create a HttpModule object for event OnAuthenticated.

My question is, can I somehow abandon the Session for which I am logging user out?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-05T04:30:02+00:00

Editorial Team

2026-06-05T04:30:02+00:00Added an answer on June 5, 2026 at 4:30 am

You could implement IRequireSessionState in a temp HttpHandler, which would give you the current session. Here’s a SO question/answer that provides the complete source.

Can I access session state from an HTTPModule?

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am working on a feature where my application will not allow multiple active

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply