I am learning the ASP.net membership feature.
I am wondering how I can implement so that later login session logout former login session to avoid concurrent login. I know how to check whether the user is online (by Membership.IsOnline()) and logout the current user (by FormsAuthentication.SignOut()). But I don't know how to logout the previous login session.
I don't think there is an explicit way to do this.
One way to implement it would be to store some sort of log in token (session ID?) in the Cache when a user logs in. Revoke the old token each time that user logs in. Then add an HttpModule which checks this token... when a request comes in that does not match, log the user out. Alternatively, put this logic in a master page, or a page object from which all your app pages inherit.