I am not sure you can completely stop the user who really wants to do this,
but you can restrict some options.
From the browser, I believe you can stop open of another instance (Control +
N or New Browser Window) with JavaScript. This will not stop the user from
opening a completely new browser instance from the start menu, but you can
refuse a second session from the user if you are authenticated them (either
through windows authentication or forms auth). THe danger here is a failed
session will look the same as a second window and you will lock the user out
until their dead session times out on your box.
Think the application through before going in any direction with this, as
there is a lot of danger of making a largely annoying application when you
start restricting the client on a web app.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
***************************
Think Outside the Box!
***************************