I have an application that will allow a system administrator to change the operational states of the app from Normal. to limited to Disabled. Limited simply adds a appsetting to only allow users with the Role of admin to login. When the application is disabled i generate a file called "appoffline.html" which tells the server not to render the .NET Application. What my question is however is that if the admin sets the application to Limited Access or Disabled I want the application to invalidate all of the current Forms Auth Sessions for ALL users. This way after a mode change the application will restart and users will have to log in again... if they can. What would be the code to kill all of the forms authentication sessions?
View Complete Post