How to force logout user when his/her username is changed by another user?

Question

In my application I am using Forms-Authentication to sign in and sign out users.

One functionality is admin can change the username of other users. In that case, I

Answer 1

When a user needs to become invalidated you must add their details to some kind of internal static list.

Then on every page request (possibly using Application_BeginRequest) see if that current user is in that list, and if so to call FormsAuthentication.SignOut there-and-then.

It seems like a bit of a hack, but it's the best I can think of right now.

Note that removing a user-in-absentia's session state is another issue entirely.