> From: Klotz Jr, Dennis [mailto:[EMAIL PROTECTED] > Is it possible using LDAP, whether it is using custom JAAS code or a > third party product such as Vintela's VSJ > (http://www.vintela.com/products/vsj/), to do the following: > > "... prevent, control or limit the simultaneous active usage > of the same > user id. The number of simultaneous active sessions shall be settable > per user id." > > The show stopper for me is whether I can inform the LDAP > server when the > user has logged out. The default JNDIRealm does not, to my knowledge, > provide that ability. JNDIRealm is just for authenticating and role > retrieval.
You *could* do something like this by storing a custom attribute in LDAP and incrementing/decrementing that when a user logs in/out. I'm not sure where it'd get you, though, given users' distressing habits of closing browsers without logging out of an app and hence leaving the session open for a period. That sounds like it's come straight out of a requirements doc. I'd ask who wrote the requirements doc, what's the business reason behind that requirement, and can it be accomplished another way? - Peter --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]