Ashish Gautam writes:
My requirement is that any user should be able to login for first time and if user tries to login again without loggin off then user must be prevented by displaying necessary message. You probably can do that, but you should *NOT*.
Note that HTTP is stateless. There is no connection that defines when a user is logged on. The server would need to maintain the "logged on" state. But then, you have the following dilemma. Either, anybody can logout a "logged in" user or only the "logged in" user can log out itself. I expect you prefer the second solution. But, when the server state becomes inconsistent (it thinks the user is still logged in; but the corresponding client state is lost), then the user will not be able to login again to do the log out. Your admiministrator will often be called to remove stale logged-in state... Dieter