Hi All,
I'm after some guidance brief guidance as to if anyone has done anything like the following. We've had a request to only allow a user to be logged in once. Meaning that if they logs in a second time it invalidates to first logon kicking them out of the system. I was wondering if anyone else in the community has adapted Cas to work in this manner or is this feature already supported and I've just missed. I'm using 2 clustered Cas (Tomcat Session/ JPA ticket reg) to allow users to authenticate for our own single web application that distributed over about 12 servers with Load balanacer stick sessions to stick a user to a single server. My main question is would this sort of thing even be possible within Cas or is it completely infeasible. I'm assuming that Service Tickets will just need to be validated far more regularly (not just at the start of the users session on a server) to be able to invalidate the initial users tickets. And ensure that if the user logs in a second time i invalidate the original ticket. Would this approach work or am I completely off base? Many Thanks for any replys. Eagerly awaiting anyone's input. James Parry -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
