A method and apparatus for session control

The invention discloses a session control method which is applicable to a web system realized in the same framework. In the session control method, a user can delete the sessions when closing a main framework, thus the maximum number of access users can be controlled through the method, and resources are saved. The session control method comprises the steps of: receiving a login request sent by the user, judging whether the login users uses the system overtime or not after the user information is successfully is authenticated; if yes, releasing the sessions corresponding to the overtime user; then, judging whether the user requesting to log in logs in and whether the maximum number of login users of the system is reached; if both yes, logging in successfully; otherwise, failing to log in. the invention also discloses a device for realizing the session control method.