I have an application written in MVC that uses your regular .Net Forms Authentication. There's nothing particularly new or exciting going on with it.
My client has now asked that users be able to log in to the app on the same machine but in different browsers, or different tabs within the same browser. To my mind, he's asking for a scope change to have authentication moved to cookieless instead of its current design.
Not having had any experience with doing this in MVC, I'm curious to know before I get started how much hurt I'm in for by trying this. Are there better ways to do it? What should I consider?
Any advice appreciated.