1. Have a common logout screen in outer app. From that you redirect the user to outer app's login screen.
2. Session is a heavy object. Use it wisely. The inner 8 asp.net applications might be already using Session to manage data within each application.
3. Store the logged in users info (from outside app) in an xml file. Also store the Session ID.
<logininfo>
<login username="EncryptedString" password="EncryptedString" sessionid="EncryptedString" rememberpassword="true/false" targetappid="2" logintime="DateTime.Now" />
<login ...="" />
<login ...="" />
.....
</logininfo>
By doing this, you can manage a lot of things.
1. You can kill the session from outside the app.
2. On logout, you just have to clear the SessionId, or you can just remove that <login> entry.
3. You can keep track of
-- no. of logged-in users to the server.
-- no. of logged-in users to any inner app.
4. If the user wishes, you can easily switch between the apps. You just have to update the '
TargetAppId
'