Allow only one concurrent login per user in ASP.NET

Question

Is it possible to allow only one concurrent login per user in ASP.NET web application?

I am working on a web application in which I want to make sure that the websi

Answer 1

You can create a cache entry per user and store their session ID in it. Session ID will be unique per browser session. In your login page, you can create that cache entry when they successfully login:

if(Cache.ContainsKey["Login_" + username])
    // Handle "Another session exists" case here
else
    Cache.Add("Login_" + username, this.Session.SessionID);

(Code typed in textbox without syntax check. Assume "pseudo-code".)

In global.asax you can then hook into the Session_End and expire that cache entry of the user. See this for the global.asax events.

if(Cache.ContainsKey["Login_" + username])
    Cache.Remove("Login_" + username);