On Mon, Jun 27, 2011 at 9:58 AM, James Parry <[email protected]> wrote:
> Hi All,
>
> I’m after some brief guidance as to whether anyone has done anything
> like the following.
>
> We’ve had a request to only allow a user to be logged in once. Meaning that
> if they log in a second time it invalidates the first logon, kicking them out
> of the system.

In order to achieve this behavior you'll have to deal with the application sessions. Your app would have to detect the second login was from the same user and somehow invalidate the previous application session. This has little to do with CAS per se. And sounds like it would be difficult to implement given your architecture.

> I was wondering if anyone else in the community has adapted CAS to work in
> this manner or is this feature already supported and I’ve just missed it.

Not that I know of. You could modify CAS server to detect a second login, kill the previous TGT and initiate the Single Logout flow based on the initial TGT. Not sure if that all lines up though with the current CAS code base, it may take some deep CAS mods. And you'd still have the application session addressability issue for SLO to work.

Best,
Bill

> I’m using 2 clustered CAS (Tomcat Session / JPA ticket reg) to allow users
> to authenticate for our own single web application that is distributed over
> about 12 servers with load balancer sticky sessions to stick a user to a
> single server.
>
> My main question is would this sort of thing even be possible within CAS or
> is it completely infeasible.
>
> I’m assuming that Service Tickets will just need to be validated far more
> regularly (not just at the start of the user's session on a server) to be
> able to invalidate the initial user's tickets. And ensure that if the user
> logs in a second time I invalidate the original ticket. Would this approach
> work or am I completely off base?
>
> Many Thanks for any replies. Eagerly awaiting anyone’s input.
>
> James Parry
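
An added example, not part of the original thread and not CAS code: one way the application side could enforce a single active session per user across several app servers, with each server comparing its session ID against a shared record on every request instead of pushing a logout to the server that holds the old session. The class and method names, the sample user and session IDs, and the in-memory map (standing in for a store shared by all servers) are assumptions.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/** Hypothetical registry: at most one active application session per user. */
public class SingleSessionRegistry {
    // Assumption: stands in for a store every app server can reach (e.g. a database table).
    private final Map<String, String> currentSessionByUser = new ConcurrentHashMap<>();

    /** Call after a successful login. Returns the displaced session ID, or null if none. */
    public String registerLogin(String username, String sessionId) {
        String previous = currentSessionByUser.put(username, sessionId);
        return (previous != null && !previous.equals(sessionId)) ? previous : null;
    }

    /** Call on every request. False means a newer login has replaced this session. */
    public boolean isCurrent(String username, String sessionId) {
        return sessionId.equals(currentSessionByUser.get(username));
    }

    /** Call on logout or expiry. Removes the record only if this session still owns it. */
    public void unregister(String username, String sessionId) {
        currentSessionByUser.remove(username, sessionId);
    }

    public static void main(String[] args) {
        SingleSessionRegistry registry = new SingleSessionRegistry();

        // Constructed sample: the same user logs in twice and lands on two different servers.
        registry.registerLogin("alice", "node03-session-A");
        String displaced = registry.registerLogin("alice", "node07-session-B");
        System.out.println("displaced session: " + displaced);

        // The server holding the first session sees the mismatch on the user's next
        // request and invalidates its local session; no cross-server call is needed.
        System.out.println("first session current:  "
                + registry.isCurrent("alice", "node03-session-A"));
        System.out.println("second session current: "
                + registry.isCurrent("alice", "node07-session-B"));

        // Edge case: the displaced session's logout arrives late and must not
        // evict the newer login's record.
        registry.unregister("alice", "node03-session-A");
        System.out.println("second session current after stale logout: "
                + registry.isCurrent("alice", "node07-session-B"));
    }
}
```

In a servlet application the `isCurrent` check would sit in a filter that invalidates the local session on a mismatch, and `unregister` would be called from a session listener.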
