> From: Klotz Jr, Dennis [mailto:[EMAIL PROTECTED]
> Is it possible using LDAP, whether it is using custom JAAS code or a
> third party product such as Vintela's VSJ
> (http://www.vintela.com/products/vsj/), to do the following:
>
> "... prevent, control or limit the simultaneous active usage
> of the same
> user id. The number of simultaneous active sessions shall be settable
> per user id."
>
> The show stopper for me is whether I can inform the LDAP
> server when the
> user has logged out. The default JNDIRealm does not, to my knowledge,
> provide that ability. JNDIRealm is just for authenticating and role
> retrieval.
You *could* do something like this by storing a custom attribute in LDAP
and incrementing/decrementing that when a user logs in/out. I'm not
sure where it'd get you, though, given users' distressing habits of
closing browsers without logging out of an app and hence leaving the
session open for a period. That sounds like it's come straight out of a
requirements doc. I'd ask who wrote the requirements doc, what's the
business reason behind that requirement, and can it be accomplished
another way?
- Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
