In a mobile app, how can I force a specific session to logout from the server?

In a web application, that is easelly achieved by call a custom page with ardoHTTP (HTTP_Get) and put in the header the respective cookie sessionId in the request header.

A mobile app does not have an explicit session in the server, but somehow the server is aware if a specific mobile session has a registered user or not (through some cookie or another parameter passed in the request header in a REST call from the device to the server).

Therefor how its possible to kill/logout a specific mobile session from a admin page/web application in the server?



Hi Telmo,

In Mobile apps you can still use the same Login and Logout actions as you do in web apps. They have the same behavior.

Hi João,

Yes. Basically after a successfully login (web or mobile) I kept track of it's ASP.NET_SessionId cookie and as a "server administrator" I can Logout a specific session from the server.

If it's a web application, through ardoHTTP, I make a HTTP get call to a page in the server that call Logout action of the system (or Users module). In that call I put the ASP.NET_SessionId cookie in the header that previously I've recorded.

This is working fine for a web application. Yesterday I didn't notice but it also seems to work for an OS mobile app. I mean, it's not "in real time" (i.e., it's not in the next access made immediately after that by the app to the server), but in a short time navigating in the app, I also got logged out from it :)