asp.net实现唯一登录 例子

js代码：

    <script type="text/javascript">
        String.prototype.trim = function() {
            return this.replace(/(^\s+)|\s+$/g, "");
        }

        var x = 0;
        function myRefresh() {
            var httpRequest = new ActiveXObject("microsoft.xmlhttp");
            httpRequest.open("GET", "sessionout.aspx", false);
            httpRequest.send(null);
            x++;
            if (x < 2) //60次，也就是Session真正的过期时间是30分钟  
            {
                setTimeout("myRefresh()", 30 * 1000); //30秒  
            }
        }
        myRefresh();

        window.onbeforeunload = function() //author: meizz
        {

            var n = window.event.screenX - window.screenLeft;
            var b = n > document.documentElement.scrollWidth - 20;
            if (b && window.event.clientY < 0 || window.event.altKey) {
                $.ajax(
                    {
                        type: "Post",
                        url: "SessionHandler.ashx",
                        success: function() {

                        }
                    })

            }
        } 
    </script>

webconfig sessionState设置：

    <sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes" cookieless="false" timeout="1"/>

判断用户是否登录：

    public static bool UserIsLogin(string userid)
    {
        bool isLogin = false;
        ArrayList list = HttpContext.Current.Application.Get("GLOBAL_USER_LIST") as ArrayList;
        if (list == null)
        {
            list = new ArrayList();
        }
        if (list.Contains(userid))
        {
            isLogin = true;
        }
        else
        {
          list.Add(userid);
           HttpContext.Current.Application.Add("GLOBAL_USER_LIST", list);
        }
        return isLogin;
    }

session 过期或用户退出时 从ArrayList 移除该用户：

void Session_End(object sender, EventArgs e)
    {
       
        //string url=HttpContext.Current.Request.Url.AbsolutePath.ToString();
        //if .IndexOf("SysAdmin") == -1)
        //{

            string loginLogid = Convert.ToString(Session["loginLogid"]);
            if (!string.IsNullOrEmpty(loginLogid))
            {
                erp_crm.BLL.crm_loginLog BllLoginLog = new erp_crm.BLL.crm_loginLog();
                erp_crm.Model.crm_loginLog loginLog = BllLoginLog.GetModel(loginLogid);
                loginLog.exitTime = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
                BllLoginLog.Update(loginLog);
            }
            string strUserId = Convert.ToString(Session["userid"]);
            ArrayList list = Application.Get("GLOBAL_USER_LIST") as ArrayList;
           
            if (strUserId != null && list != null)
            {
                list.Remove(strUserId);
             
                Application.Add("GLOBAL_USER_LIST", list);
            }
           // Response.Redirect("login.aspx");
        //}
        //在会话结束时运行的代码。
        // 注意: 只有在 Web.config 文件中的 sessionstate 模式设置为
        // InProc 时，才会引发 Session_End 事件。如果会话模式
        //设置为 StateServer 或 SQLServer，则不会引发该事件。

    }

安全退出： Session.Abandon();

参考：http://www.cnblogs.com/myaspnet/archive/2010/11/03/1867703.html