Urgent: Form Authentication

Last post 07-07-2009 3:37 PM by Nissan Fan. 1 replies.


  • Urgent: Form Authentication

    07-07-2009, 2:37 PM
    • Member
      2 point Member
    • ankit_ddit
    • Member since 07-17-2008, 10:06 PM
    • Posts 66

    I use Forms Authentication in my web application. I have given the cookie name ".ASPXFORMSDEMO" and use a Forms Authentication ticket:


    // Build the forms-authentication ticket for the user who just logged in,
    // encrypt it, and issue it as the forms cookie (".ASPXFORMSDEMO" per web.config)
    FormsAuthenticationTicket tkt;
    string cookiestr;
    HttpCookie ck;
    tkt = new FormsAuthenticationTicket(1, txtUserName.Value, DateTime.Now,
        DateTime.Now.AddDays(30), chkPersistCookie.Checked, "your custom data");
    cookiestr = FormsAuthentication.Encrypt(tkt);
    ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);
    if (chkPersistCookie.Checked)
        ck.Expires = tkt.Expiration;   // persistent cookie only when the user asked for one
    ck.Path = FormsAuthentication.FormsCookiePath;
    Response.Cookies.Add(ck);

    Now I check with the DB and, if valid, redirect:


    // ReturnUrl comes from the request (query string or form), so it is user-supplied;
    // fall back to default.aspx when it is missing or points back at the login page
    string strRedirect;
    strRedirect = Request["ReturnUrl"];
    if ((strRedirect == null) || (strRedirect == "login.aspx"))
        strRedirect = "default.aspx";
    Server.Transfer(strRedirect, true);


    After login it generates a URL with the session details, like http:/abc.com/(S(xrslqz452iuhnr45jklgxxaj))/default.aspx, in the browser.


    Now if I copy this URL and send it to another user, when he tries to open it, it opens under my login.


    So how do I avoid this?

  • Re: Urgent: Form Authentication

    07-07-2009, 3:37 PM
    Answer
    • Member
      234 point Member
    • Nissan Fan
    • Member since 06-29-2009, 3:49 PM
    • Posts 57

    Not using cookieless sessions is one way. Even without cookieless sessions, unless you utilize SSL someone could hijack the HTTP headers and get the cookie information used to sync the session on the server with the requestor. Bottom line: don't use cookieless sessions and don't worry about Man in the Middle attacks so much.

    Another is you could write code in Global.asax.cs under the Session_Start event to store the IP address of the requestor in the Session. If the IP address varies beyond the first three octets (don't do 4 because many people sit behind a proxy server that utilizes N number of public IPs on the same subnet) you simply SignOut their forms ticket and require them to log in again.
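    The Global.asax.cs approach described in this reply, written out as an added example (it is not code from either poster). It assumes that cookieless sessions have been switched off in web.config (`<sessionState cookieless="UseCookies" />` and `<forms cookieless="UseCookies" />`) so the session ID and forms ticket no longer travel in the URL, and the session key name `__ClientIpPrefix` and the helper `IpPrefix24` are names chosen for this example.

```csharp
// Global.asax.cs (added example, not the original poster's code).
// Assumes web.config uses cookie-based session state and forms authentication
// (cookieless="UseCookies" on both <sessionState> and <forms>).
using System;
using System.Web;
using System.Web.Security;
using System.Web.SessionState;

public class Global : HttpApplication
{
    // Session key under which the client's /24 prefix is stored (name chosen for this example).
    private const string ClientPrefixKey = "__ClientIpPrefix";

    // First three octets of a dotted-quad IPv4 address, e.g. "203.0.113.7" -> "203.0.113".
    // Returns null for anything else (IPv6 or malformed input) so such clients are not checked.
    internal static string IpPrefix24(string address)
    {
        if (string.IsNullOrEmpty(address)) return null;
        string[] parts = address.Split('.');
        if (parts.Length != 4) return null;
        foreach (string part in parts)
        {
            byte octet;
            if (!byte.TryParse(part, out octet)) return null;
        }
        return parts[0] + "." + parts[1] + "." + parts[2];
    }

    protected void Session_Start(object sender, EventArgs e)
    {
        // Record the /24 of the address that created this session. Request.UserHostAddress
        // is the TCP peer, so behind a reverse proxy it is the proxy's address; if you run
        // behind one, the comparison below must use the address the proxy reports instead.
        Session[ClientPrefixKey] = IpPrefix24(Request.UserHostAddress);
    }

    // Session state has been loaded by the time this pipeline event fires.
    protected void Application_PostAcquireRequestState(object sender, EventArgs e)
    {
        HttpSessionState session = HttpContext.Current.Session;
        if (session == null) return;                  // static files, handlers without session state

        string bound = session[ClientPrefixKey] as string;
        if (bound == null) return;                    // nothing recorded (non-IPv4 client)

        string current = IpPrefix24(Request.UserHostAddress);
        if (bound == current) return;                 // same /24 as when the session started

        // The session is being presented from a different /24 than the one that opened it:
        // drop the server-side session, clear the forms ticket, and send the user to login.
        session.Abandon();
        FormsAuthentication.SignOut();
        FormsAuthentication.RedirectToLoginPage();
        CompleteRequest();                            // stop processing the rest of this request
    }
}
```

    Two caveats that follow from the reply itself: the /24 comparison is a heuristic, so users whose egress address changes between subnets (mobile clients, some corporate proxies) will be signed out and asked to log in again, and it does nothing against a second client on the same /24. The cookie-based setting is what actually removes the session ID from the URL; the IP check is a second layer on top of it, and marking the forms cookie `requireSSL="true"` addresses the header-sniffing point the reply raises.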
