Announcement Announcement Module
Collapse
No announcement yet.
ERROR: Maximum sessions of 1 for this principal exceeded Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • ERROR: Maximum sessions of 1 for this principal exceeded

    Hi ,

    right now, I set exception-if-maximum-exceeded is true, it works fine when the two same user try to login at same time. But when I login in at IE successful, and close browser, I will get same error:ERROR: Maximum sessions of 1 for this principal exceeded when I try to open one new browser and login again. Until this session timeout or restart app server.
    Is it possible clear up this session at server side after I close browser?
    Anyone can advise on it.

    Many thanks.

  • #2
    I had the same problem

    see http://forum.springsource.org/showthread.php?p=195057
    for a solution

    Comment


    • #3
      Hi WhyBish,

      Actually I have added listener in the web.xml
      <listener>
      <listener-class>org.springframework.security.ui.session.Http SessionEventPublisher</listener-class>
      </listener>

      But my issue is different with that. My question is how spring security to detect the session is invalid if the client side close the browser. Since my set is not allow two concurrent session at the same time, but if spring security does not clear the session when client close the browser, the second request cannot be allowed to login. I don't think it is correct behavor. So guess there have some settings need to be config. Any advise on it or it does not be support from spring security at all?

      Many Thanks

      Comment


      • #4
        Your server would need to know that the browser has closed.
        You would need to do one of the following:
        1) Add a logoff link (The docs cover this)
        2) Add some javascript to trigger a logoff when the browser is closed (assumes the client doesn't kill the browser with task manager/ because of power cut etc.)
        3) Add a serverside timeout to the session (the docs cover this). If the length is too long the user will need to wait for that time before they can get in again, if it is too short they will time out frequently during normal use of the site.

        Comment


        • #5
          Hi WhyBish,

          Very appricate your prompt reply. For item 1 and 3, I did already. For javascript, can I ask you one more question as I am a newbie? I hear that those kindly of javascript will be trigger when page display like close browser,tab. if go google site first and after then key in yahoo, then do those kind of javascript also be trigger?



          Thanks

          Comment


          • #6
            Unfortunately I'm not sure. If this is for a public site you should also be aware that some people may have javascript turned off.

            Comment


            • #7
              It's ok. many thanks

              Comment

              Working...
              X