I have a requirement where a logged-in user can only have 1 active session at a time in an ASP.NET application. Currently a single user can log in from multiple machines simultaneously and get multiple sessions. I am using standard ASP.NET Membership with AppFabric for session state management. Am I missing some basic switch available in ASP.NET Membership to enforce this? Otherwise, the plan was to add a table to the membership database that would have the aspnet_Users.UserId and sessionId columns and simply make sure that the current session Id (last-in) is the only session allowed. Thanks for any help!
We ended up correlating the latest session Id to the user’s profile in the database after a successful login using a custom table. This correlated session Id value is checked using an HttpModule for each request. If the user’s current session Id doesn’t match the saved Id, then they are redirected to the login page.
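One way to implement the approach described in the answer above, as an added example that is not the answerer's code. The table `dbo.UserActiveSession`, the connection string name `MembershipDb`, and the class names `ActiveSessionStore` and `SingleSessionModule` are assumptions made for illustration.

```csharp
using System;
using System.Configuration;
using System.Data.SqlClient;
using System.Web;
using System.Web.Security;
// Assumed names: table dbo.UserActiveSession(UserId uniqueidentifier PRIMARY KEY,
// SessionId nvarchar(88)) and connection string "MembershipDb".
public static class ActiveSessionStore
{
    const string Upsert = @"MERGE dbo.UserActiveSession WITH (HOLDLOCK) AS t
        USING (SELECT @uid AS UserId) AS s ON t.UserId = s.UserId
        WHEN MATCHED THEN UPDATE SET SessionId = @sid
        WHEN NOT MATCHED THEN INSERT (UserId, SessionId) VALUES (@uid, @sid);";
    const string Select = "SELECT SessionId FROM dbo.UserActiveSession WHERE UserId = @uid";
    // Call after a successful login (last login wins). Write something to Session first:
    // ASP.NET issues a new SessionID per request until the session holds data.
    public static void Register(Guid userId, string sessionId) { Run(Upsert, userId, sessionId); }
    public static string Current(Guid userId) { return Run(Select, userId, null) as string; }
    static object Run(string sql, Guid userId, string sessionId)
    {
        using (var cn = new SqlConnection(ConfigurationManager.ConnectionStrings["MembershipDb"].ConnectionString))
        using (var cmd = new SqlCommand(sql, cn))
        {
            cmd.Parameters.AddWithValue("@uid", userId);
            if (sessionId != null) cmd.Parameters.AddWithValue("@sid", sessionId);
            cn.Open();
            return cmd.ExecuteScalar();
        }
    }
}

public class SingleSessionModule : IHttpModule
{
    public void Init(HttpApplication app) { app.PostAcquireRequestState += Check; }
    public void Dispose() { }
    static void Check(object sender, EventArgs e)
    {
        HttpContext ctx = ((HttpApplication)sender).Context;
        // Session is null for handlers that do not use session state (e.g. static files).
        if (ctx.Session == null || ctx.User == null || !ctx.User.Identity.IsAuthenticated) return;
        MembershipUser user = Membership.GetUser(ctx.User.Identity.Name);
        string expected = user == null ? null : ActiveSessionStore.Current((Guid)user.ProviderUserKey);
        if (expected != null && expected == ctx.Session.SessionID) return;
        // Stale or unknown session: fail closed, and stop the pipeline so the page never runs.
        ctx.Session.Abandon();
        FormsAuthentication.SignOut();
        FormsAuthentication.RedirectToLoginPage();
        ctx.ApplicationInstance.CompleteRequest();
    }
}
```

The module has to be registered in `web.config` after the session state module so that `Session` is populated when the check runs. The per-request database lookup can be cached briefly if the added latency matters, at the cost of a short window in which the older session stays valid.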