I am having a web application, which can be accessed by different users based on their userid's and passwords.
Now I want to prevent users from accessing the application from more than one system.
In order to prevent this I have created a table with three columns as :
userid password flag
with flag having two values (true, false)
true means that user is logged in
false means looged off
session id generated by the server when the session is created
SESSION.SESSIONID gets the id generated on the IIS.
now how can I delete it?
so that there can be only one user per user id.
In short I want to implement a feature used by gmail where one user can expire or log out all other users on different machines using same user id's.
am I right in achieving the goal?
I don't want to use Asp.net MembershipProvider.