Announcement Announcement Module
Collapse
No announcement yet.
Session Control to Invalidate Prior Session During Login Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Session Control to Invalidate Prior Session During Login

    Hi,

    I have a requirement to have only one active session at a time. I've implemented session control and this is working fine. However, I'd like to implement a feature where upon a user login, any prior active session for the user should be invalidated. This would prevent the non-friendly message "Maximum sessions of 1 for this principal exceeded". Has anyone done this before?

    Regards,
    rickyeng1

  • #2
    See the Session Management section of the Security Namespace Chapter

    Comment


    • #3
      Originally posted by rwinch View Post
      See the Session Management section of the Security Namespace Chapter
      What feature are you referring to? Nothing within that section clearly describes what I'm looking to do.

      Comment


      • #4
        From that section, the description of the default behaviour is

        This will prevent a user from logging in multiple times - a second login will cause the first to be invalidated.
        which seems to match your requirement exactly, as far as I can see.

        In practice the original session won't be invalidated by Spring Security unless the user makes another request on it. Otherwise it will timeout as normal.

        Comment


        • #5
          Thank you. That appears to work as desired.

          Comment

          Working...
          X