JD Evora created SHIRO-456:
------------------------------
Summary: A way to limit the numer of current sessons with the
same credentials
Key: SHIRO-456
URL: https://issues.apache.org/jira/browse/SHIRO-456
Project: Shiro
Issue Type: New Feature
Components: Authentication (log-in)
Affects Versions: 1.2.1
Reporter: JD Evora
Priority: Minor
A usual requirement is to limit the number of users that can be simultaneously
logged in using the same credentials (or invalidate previous sessions)
Even you can find a possible implementation in
https://kenai.com/projects/shirospring I think that it is important to add it
as standard
As a reference, spring security implements it with the max-sessions="1"
attribute
<security:concurrent-session-control
max-sessions="1" exception-if-maximum-exceeded="true" expired-url="/login" />
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
